2018-10-28T08:38:00Z

What is your primary use case for LogRhythm NextGen SIEM?


How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Guest
39 Answers

Real User

We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior.

2019-05-31T15:24:00Z
Top 5 Leaderboard, Real User

Our primary use case is for general log monitoring. We do not use it as a SIEM.

2019-05-09T13:12:00Z
Real User

Our primary use case is for looking at daily logs, drawing conclusions, and making relationships and correlations to investigate particular event IDs, investigate particular alarms that we have, and just viewing normal data use. I'm new to the system so I'm still getting used to it.

2019-03-24T08:52:00Z
Real User

My primary use case is threat detection.

2018-11-22T09:50:00Z
Top 20, Real User

We utilize the LogRhythm solution to monitor most of our servers and our users to make sure that nothing anomalous is happening. What I really love about the LogRhythm platform is the fact that when something anomalous happens, I can see it almost immediately through the ability to collect a massive amount of logs in a very small footprint as far as hardware goes. We do utilize everything. I think one of the most recent things that I've really enjoyed about LogRhythm is the ability to utilize smart responses published by LogRhythm. For example, one of our use cases is that when we have a termed users group, that when someone is placed in there, we want to monitor to see if their account is ever activated again. So we have a smart response set up that when a termed user is enabled, the smart response immediately activates and says bam, that user is getting disabled again. We don't want anyone to have access to that at all.

2018-11-22T09:50:00Z
Top 20, Real User

My primary use case is for log retention. I've been using it for analysis, and to troubleshoot potential issues on my network and infrastructure. To find out what I have in my network that may be causing problems.

2018-11-22T09:50:00Z
Top 20, Real User

My primary use case is to alert to any anomalies that may have security relevance as far as some of the industry regulations that apply to our health care, as well as payment card industry.

2018-11-22T09:50:00Z
Real User

The primary use case is to provide security analytics for the SOC and to empower all of our SOC operations for day-to-day business.

2018-11-22T09:50:00Z
Top 20, Real User

Our primary use case is for fraud detection and infrastructure, so we use the SIEM to detect frauds in the banking side of the house as well as infrastructure. I use it for security and UEBA purposes.

2018-11-22T09:50:00Z
Real User

My primary use case for this solution is to basically monitor the network to make sure that we don't have unknown users or individuals that should not be in our network. So we use it basically to aggregate our logs within our system and to watch it for possible threats.

2018-11-22T09:50:00Z
Top 20, Real User

Our primary use case for bringing on a SIEM in general was the need to correlate our data across dozens of different solutions that were spitting out logs. We got to a level of complexity where it became mandatory.

2018-11-22T09:50:00Z
Top 20, Real User

The primary use case for this solution is to monitor our environment and ensure that we are not having any breaches. In addition, this solution allows us to maintain compliance with HIPAA.

2018-11-22T09:50:00Z
Top 20, Real User

Our primary use case for using the LogRhythm SIEM product is reviewing alarms, events, and managing our cases for forensic investigation.

2018-11-22T09:50:00Z
Top 20, Real User

The primary use case for our LogRhythm product is to maintain PCI compliance across all of our environment. We also use it to monitor authentication and monitor our perimeter for security threats.

2018-11-22T09:50:00Z
Top 20, Real User

The primary use case is tying all of our log sources together between all of our Windows servers, network devices, and we've recently added all of our cloud infrastructure as well. So it's really tying all those together, correlating all those logs and getting us one central pane of glass really as it relates to all of our logging activities.

2018-11-22T09:50:00Z
Top 20, Real User

Our primary use case for LogRhythm is using the log ingestion and analytic features.

2018-11-22T09:50:00Z
Top 20, Real User

We have been using LogRhythm for the last seven to eight years. About a year-and-a-half ago we made a push, which is why I was brought on, to go global with it. The global use case is security only, we're not getting back to the business. It's the first time I've done SIEM that works that way. It's all about feeding the SOC and IR teams and letting them do their job.

2018-10-28T08:38:00Z
Real User

The primary use case is to monitor for compliance and the behavioral analytics of our users, tracking for potential threats to the company's infrastructure. We are using both products. We are using NetMon integrated with the LogRhythm platform.

2018-10-28T08:38:00Z
Real User

It is for security monitoring.

2018-10-28T08:38:00Z
Real User

We use it to alarm our help desk. We are starting to use it for SMART Response. We have been using SMART Response for about a year. Now, we are starting to push that towards the help desk, so the junior analysts can do more.

2018-10-28T08:38:00Z
Top 20, Real User

We use it for centralized log management and for alerting. It's been working pretty well. We're on the beta program so what we're on right now has not been working quite as well lately. We're helping them find the bugs, but before this we didn't have any really major issues with it.

2018-10-28T08:38:00Z
Top 20, Real User

Our primary use case would be for compliance. We needed a check in the box for compliance. Right now, it's performing and doing its job, allowing us to say that we are compliant with HIPAA, PCI, etc.

2018-10-28T08:38:00Z
Real User

We use it for all of our log correlations and event management. We try to do some external troubleshooting for other groups, like WebOps, but it's primarily our security and event manager.

2018-10-28T08:38:00Z
Top 5 Leaderboard, Real User

The primary use case is looking at our security as a whole, as an organization, trying to get all the logs collected, see how things can be integrated or what's happening through the different products. We also use it to see how people are trying to potentially circumvent security and what we can do to prevent people from doing that. Finally, we use it to get training out to end-users for certain things that they may be doing inaccurately. We don't currently use the full-spectrum analytics or the built-in playbooks.

2018-10-28T08:38:00Z
Top 5 Leaderboard, Real User

Primary use case for the SIEM would be for log collection and threat identification. We're still in the beginning stages of our security solution, as far as maturity. Two years ago, this security program didn't exist.

2018-10-28T08:38:00Z
Top 20, Real User

It's our central security monitoring platform. It's where we bring all of our events together so we can monitor our network.

2018-10-28T08:38:00Z
Top 20, Real User

We've been working with LogRhythm for a few weeks. We had Splunk and we're replacing it with LogRhythm. It's a general SIEM system for us, gathering the logs into one area.

2018-10-28T08:38:00Z
Real User

We primarily use the LogRhythm SIEM for the log collection and aggregation for all of our Windows machines. We have all our firewalls sending logs to it. We have it hooked into Office 365 with the API to manage our cloud environment, and it's performed phenomenally.

2018-10-28T08:38:00Z
Real User

The primary use case is compliance requirements. It is performing at the moment, but we are still in the process of implementing it.

2018-10-28T08:38:00Z
Real User

Our primary use case is incident response and alerting. In terms of performance, it's pretty awesome.

2018-10-28T08:38:00Z
Real User

We have a small population of users, but we are large physically and geographically spread out, with a lot of devices on our network. We need all that logging capability going into one spot where we can see it and correlate events across all our infrastructure with a small staff.

2018-10-28T08:38:00Z
Top 20, Real User

It came in as a compliance package. Now, it is more of a security analytics platform for us, so we try to route relevant security and computer logs. We also have some use cases that we came up with and some of the stuff that LogRhythm provided, which has been the basis of our use of this security platform. The company is dedicating me to working on this solution exclusively, so it has been great.

2018-10-28T08:38:00Z
Real User

We have a lot of distributed offices and no visibility into any of them. The use case for this product is to collect and integrate logs from all the machines at all the different sites and get better insight into the security areas that we need to tighten up.

2018-10-28T08:38:00Z
Real User

It monitors any potential security threats within any of our important network security appliances, like our firewall, or any of our important databases. The idea being that you can't look at all the logs at once, so we now have a central point of monitoring for all potential threats.

2018-10-28T08:38:00Z
Real User

I'm an admin and analyst, so use cases cover a lot of log sources for applications, mostly.

2018-10-28T08:38:00Z
Top 5 Leaderboard, Real User

We work on a dark site. It's the next generation ground station for the Air Force's GPS system. Our use cases are based mostly on an insider-threat perspective. We utilize a lot of AI Engine rules within the LogRhythm SIEM to detect different types of privileged-user actions, whether it be escalation of privileges, creation of user accounts, or modification of user accounts. We also use it for IDS rules and firewall rules that are met, in terms of the IDS finding signature attacks.

2018-10-28T08:38:00Z
Real User

The biggest use case is visibility. Because we have a lot of flaws, if you don't have a tool that can bring it all in and give you that visibility, then all that log information is useless. Thus, LogRhythm helps us keep that visibility.

2018-10-28T08:38:00Z
Real User

The primary use is monitoring logs, to see what's going on.

2018-10-28T08:38:00Z
Real User

We collect from our primary devices and our endpoints and we look to identify any concerns around regulatory requirements in business use. We have payment card industry regulations that we are monitoring, to make sure everything's going the way it's supposed to, as well as for HIPAA, HITECH, and general security practices.

2018-10-28T08:38:00Z
Updated: April 2020.