2018-10-28T08:38:00Z

What do you like most about LogRhythm NextGen SIEM?


Hi Everyone,

What do you like most about LogRhythm NextGen SIEM?

Thanks for sharing your thoughts with the community!

Guest
22 Answers

Real User

We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior.

2019-05-31T15:24:00Z
Top 5, Leaderboard, Real User

The feature that makes it usable is the web interface.

2019-05-09T13:12:00Z
Real User

The ability to investigate a particular period of time where you can analyze logs is its most valuable feature.

2019-03-24T08:52:00Z
Real User

When it comes to dealing with support, all my interactions have been great. Everyone has known what they're doing and has been quick to respond. They seem to always know the answer. I haven't stumped anybody yet.

2018-10-28T08:38:00Z
Real User

It has centralized monitoring for our security operations. Therefore, it improves our analysts' work.

2018-10-28T08:38:00Z
Real User

It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner.

2018-10-28T08:38:00Z
Real User

It allows us to automate a lot of things with a smaller team.

2018-10-28T08:38:00Z
Real User

We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products.

2018-10-28T08:38:00Z
Real User

Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing.

2018-10-28T08:38:00Z
Real User

The ability to drill down and pivot from an event is one of the biggest advantages the product has compared to other things that I have seen in the market.

2018-10-28T08:38:00Z
Real User

The Web Console is my favorite. It enables me, at a glance, to see the health of the environments.

2018-10-28T08:38:00Z
Real User

We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot.

2018-10-28T08:38:00Z
Real User

It seems like it will scale easily with the way our environment is set up.

2018-10-28T08:38:00Z
Top 20, Real User

The AI Engine can take an event and correlate it into something else, giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system.

2018-10-28T08:38:00Z
Top 20, Real User

Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention to that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice.

2018-10-28T08:38:00Z
Real User

The most valuable features would be the automation, reporting, and the support.

2018-10-28T08:38:00Z
Real User

We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice-looking dashboards, which show off what we are doing as a security program.

2018-10-28T08:38:00Z
Top 20, Real User

We integrated Azure logs with it and that makes it simpler. Rather than having to log into the portal, we can just check everything in one place. We can compare those to our Windows and host logs to see if any problems correlate between them.

2018-10-28T08:38:00Z
Top 20, Real User

The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have.

2018-10-28T08:38:00Z
Top 5, Leaderboard, Real User

Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job.

2018-10-28T08:38:00Z
Real User

Its ability to work with all different sorts of log sources has been extremely valuable.

2018-10-28T08:38:00Z
Top 20, Real User

It has allowed us to dive deeper into our network and figure out what is going on by parsing logs properly and being able to reduce the time it takes to work cases down from seven days to approximately two days.

2018-10-28T08:38:00Z
Updated: April 2020.