TrustRadius: an HG Insights company

LogRhythm NextGen SIEM Platform

Score: 7.3 out of 10

68 Reviews and Ratings

What is LogRhythm NextGen SIEM Platform?

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management solution that centralizes log data, enriches it with contextual details and applies a consistent schema across all data types.

Top Performing Features

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 9

  • Correlation

    Correlation of logs and events to pinpoint significant threats

    Category average: 8.4

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

    Category average: 8.5
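The three features rated above (centralized collection, correlation, and normalization) are easier to judge when you see what the pipeline actually has to do. The following is an added illustration written for this page, not LogRhythm code and not the vendor's schema: it parses constructed firewall syslog lines and Windows Security events into one common schema, enriches them from a hypothetical asset inventory, and runs a correlation rule that fires when a source IP produces several authentication failures followed by a success inside a short window. The sample lines, the asset table, the field names and the thresholds are all assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample input (not real LogRhythm data): two syslog-style firewall
# lines and four Windows Security events. 203.0.113.7 fails three logons in a
# few seconds and then succeeds; 198.51.100.9 is benign traffic.
RAW_EVENTS = [
    ("fw", "2024-03-01T08:00:01Z fw01 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=445"),
    ("win", "2024-03-01T08:00:05Z dc01 EventID=4625 TargetUserName=jsmith IpAddress=203.0.113.7 Status=0xC000006D"),
    ("win", "2024-03-01T08:00:07Z dc01 EventID=4625 TargetUserName=jsmith IpAddress=203.0.113.7 Status=0xC000006D"),
    ("win", "2024-03-01T08:00:09Z dc01 EventID=4625 TargetUserName=jsmith IpAddress=203.0.113.7 Status=0xC000006D"),
    ("win", "2024-03-01T08:00:30Z dc01 EventID=4624 TargetUserName=jsmith IpAddress=203.0.113.7 LogonType=3"),
    ("fw", "2024-03-01T08:01:00Z fw01 kernel: ACCEPT IN=eth0 SRC=198.51.100.9 DST=10.0.0.5 PROTO=TCP DPT=443"),
]

# Hypothetical asset inventory used for enrichment (an assumption, not product data).
ASSET_CONTEXT = {
    "dc01": {"zone": "internal", "role": "domain_controller"},
    "fw01": {"zone": "perimeter", "role": "firewall"},
}

FW_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) kernel: (?P<action>DROP|ACCEPT) .*?SRC=(?P<src>\S+) "
    r"DST=(?P<dst>\S+) .*?DPT=(?P<dport>\d+)"
)
WIN_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) EventID=(?P<eid>\d+) TargetUserName=(?P<user>\S+) "
    r"IpAddress=(?P<src>\S+)"
)


def _parse_ts(s):
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def normalize(source, line):
    """Map one raw line onto a common schema so firewall and Windows events can be compared."""
    if source == "fw":
        m = FW_RE.match(line)
        if not m:
            return None
        return {
            "ts": _parse_ts(m["ts"]), "host": m["host"], "src_ip": m["src"], "user": None,
            "action": "network_connection",
            "outcome": "failure" if m["action"] == "DROP" else "success",
            "dst_port": int(m["dport"]),
        }
    if source == "win":
        m = WIN_RE.match(line)
        if not m:
            return None
        outcome = {"4624": "success", "4625": "failure"}.get(m["eid"], "unknown")
        return {
            "ts": _parse_ts(m["ts"]), "host": m["host"], "src_ip": m["src"], "user": m["user"],
            "action": "authentication", "outcome": outcome, "dst_port": None,
        }
    return None  # unknown source type: leave unparsed rather than guess at fields


def enrich(event):
    """Attach asset context; hosts missing from the inventory get explicit 'unknown' values."""
    ctx = ASSET_CONTEXT.get(event["host"], {"zone": "unknown", "role": "unknown"})
    return {**event, **ctx}


def correlate(events, threshold=3, window=timedelta(seconds=60)):
    """Alert when a source IP has >= threshold auth failures followed by a success within window."""
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["action"] == "authentication":
            by_src[e["src_ip"]].append(e)
    alerts = []
    for src, evs in by_src.items():
        failures = []  # timestamps of recent failures for this source
        for e in evs:
            failures = [t for t in failures if e["ts"] - t <= window]  # expire old failures
            if e["outcome"] == "failure":
                failures.append(e["ts"])
            elif e["outcome"] == "success" and len(failures) >= threshold:
                alerts.append({"src_ip": src, "user": e["user"], "target": e["host"],
                               "zone": e.get("zone", "unknown"), "failures": len(failures),
                               "success_at": e["ts"]})
                failures = []  # one alert per burst
    return alerts


def run(raw=RAW_EVENTS):
    """Collect, normalize, enrich and correlate; returns (normalized events, alerts)."""
    events = []
    for src, line in raw:
        n = normalize(src, line)
        if n:
            events.append(enrich(n))
    return events, correlate(events)


if __name__ == "__main__":
    events, alerts = run()
    print(f"{len(events)} normalized events, {len(alerts)} alert(s)")
    for a in alerts:
        print(a)
```

The point of the common schema is that the correlation rule never has to know whether `src_ip` came from a `SRC=` field or an `IpAddress=` field; the enrichment step is what lets the same rule be tuned by zone or role later without re-parsing the raw log.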

Areas for Improvement

  • Incident indexing/searching

    Effectiveness of searching across structured and unstructured events and incidents within SIEM

    Category average: 8.8

  • Reporting and compliance management

    Ease and quality of reporting and compliance functions

    Category average: 8.3

  • Deployment flexibility

    Ability to tune system to maximize threat detection and minimize false positives

    Category average: 7.7

Top Rated SIEM Platform

Use Cases and Deployment Scope

We use LogRhythm NextGen SIEM Platform in our university to ingest all types of logs, be it firewall logs, Windows event logs, etc. If it has a log, then we send it to LogRhythm NextGen SIEM Platform. This ensures that we have all our logs in one central place, which can then be used for analysis, cross-sectioning, and use case creation.

Pros

  • Log Ingestion
  • Dashboards
  • Alerts

Cons

  • Hard to Use
  • Multiple modules with different points of entry
  • Needs AI

Most Important Features

  • Dashboards
  • Log Ingestion
  • Alerts

Return on Investment

  • Intrusion Detection
  • Executive Level Reports
  • Centralized log search and lookup

Alternatives Considered

Splunk Enterprise and Darktrace

LogRhythm Logging for the masses (of stuff you own)

Pros

  • Great Web UI for help desk troubleshooting.
  • Identification and drilldown of authentication issues.
  • Performance trending.
  • Correlation of events.
  • Access and group policy change monitoring.

Cons

  • Reporting is based on Crystal Reports, requiring a template prior to building a report. The template, once saved, cannot be edited. Repeat until you get it right.
  • Query building in the WebUI has little or no documentation.
  • Depth of training on reporting is lacking.

Return on Investment

  • LogRhythm has had a positive impact on our reporting capabilities, although the reporting module is very difficult to use.
  • Our support teams use LogRhythm to alert on, track and troubleshoot issues with authentication, inappropriate access attempts and other anomalous behavior.
  • The cost of deployment was significantly lower than the competitor QRadar.

Other Software Used

SolarWinds Netflow Traffic Analyzer, SolarWinds Network Configuration Manager, Cisco IronPort Web Security Appliance

Usability

LogRhythm is definitely worth the price especially in large organizations.

Use Cases and Deployment Scope

We have deployed LogRhythm NextGen SIEM to incorporate all of our system logs, network appliances, and security servers. It provides well-profiled logs that we use in daily in-depth operational diagnostics. The SIEM also offers automated reports that review our logs daily. The built-in and customized dashboards monitor security events in real time. The AI Engine rules rapidly detect malicious events and send us immediate alerts. It also issues organized reports to fully meet our HIPAA compliance needs.

Pros

  • Massive log incorporation.
  • Top notch reporting and alerting features.
  • It rapidly detects hostile activities through the AI Engine rules.

Cons

  • Executing huge web searches on web traffic can make it a bit rickety.
  • It has tight support for cloud domains.

Most Important Features

  • A powerful drill down tool for searches and can parse a massive amount of logs.
  • A very easy to use UI makes performing investigations easy.
  • The dashboards are user friendly.

Return on Investment

  • It gives the overall view of the environment so we are always aware of our security position.
  • It has created operational effectiveness; we are able to rapidly detect threats and resolve it fast.
  • We have been able to track inappropriate login attempts through tickets.

Other Software Used

Symantec Endpoint Security, Microsoft SQL Server, Google Kubernetes Engine

Effective security at your hands.

Pros

  • The Analyze module is very useful for drilling down and narrowing down with filters what you need to see, regarding incidents and logs. It allows you to be agile and create a case with the current logs, appending them as evidence.
  • The reports module is really easy to use, both for running and configuring them, as long as you have the queries ready for what you need. If you beforehand prepare what you're going to look for in a report, configuring a report from scratch is not hard.
  • The dashboards are also very useful out of the box and easy to configure. You can make sense of the data with the proper queries and a very helpful feature is the ability to see the data with Live Data turned on, you're always on relevance while looking at dashboards.

Cons

  • I wished it didn't need a thick client for configuring the tool. They could perhaps make a different login screen using the web for configuring the tool so you don't need to mix up the configuration of the solution with the security management.
  • The training at the LogRhythm Thrive Partner Portal is somewhat hard. The content is very helpful, but the exams are perhaps too hard even for the 101. I understand there's a challenging part, but the learning curve could be smoothed out instead of making it too steep.
  • I think the licensing of the agents should be more open. Instead of making it extra at a premium rate, you should allow your users to install it freely on their assets and receive logs from those assets.

Return on Investment

  • If your company is big enough (mid-size and upwards), you can see ROI pretty fast along with your other security systems and devices. The renewal process is easy also.
  • LogRhythm has helped us in detecting external attacks on our organization and stopping them, if you spend the time configuring those properly.

Alternatives Considered

AlienVault USM

Other Software Used

AlienVault OSSIM, AlienVault USM, Teamwork Projects, Vtiger, Bomgar Remote Support Software, Bomgar Privileged Access Management, Tenable SecurityCenter, Tenable.io

Fantastic Product For SIEM LogRhythm

Pros

  • Platform
  • UI
  • ENGINE

Cons

  • Nothing is missing
  • All good
  • With room for future growth

Most Important Features

  • Enhance decision making
  • Improve compliance & risk management
  • Improve business process agility

Return on Investment

  • Improve business process agility
  • Create internal/operational efficiencies
  • Improve business process outcomes

Alternatives Considered

ArcSight Enterprise Security Manager (formerly HP ArcSight), IBM QRadar and McAfee Enterprise Security Manager

Other Software Used

ArcSight Enterprise Security Manager (formerly HP ArcSight), IBM QRadar, Cybereason Managed Detection & Response (MDR)