
LogRhythm NextGen SIEM Platform 7.4.9

LogRhythm | LogRhythm NextGen SIEM 7.4.9

Windows, Windows Server 2016 with SQL Server 2016 Standard Windows Server 2016 with SQL 2016 Standard Edition - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star: 0
  • 4 star: 0
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

115 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Dave D.

LogRhythm- Great SIEM

  • September 16, 2020
  • Review provided by G2

What do you like best?
LogRhythm, like any other SIEM, can be a complicated platform. Having used two other SIEM platforms, LogRhythm has one of the most streamlined configurations and overall usability. The SIEM comes with both a thick-client and web interface. The thick-client is comprehensive, while the web interface features the most common features such as dashboards, and SOAR.
What do you dislike?
LogRhythm relies heavily on the thick-client for most of the configuration, which has traditionally been the case with most SIEM platforms. The web interface is not as comprehensive as I would like. Some of the flat-file ingestion of logs, such as for an email gateway (Mimecast) integration, is less than stellar as there is no direct integration with the Mimecast platform.
What problems are you solving with the product? What benefits have you realized?
Using a robust platform such as LogRhythm allows us to ingest logs from across the enterprise, including infrastructure, servers, and end-user workstations, allowing for aggregation and correlation across all logs. This allows us a single pane of glass to review security logs and potential incidents.
Recommendations to others considering the product:
If you are looking for a streamlined SIEM, LogRhythm is the platform for you. LogRhythm, with the release of 7.5, appears to be incorporating more features into the web interface, which is definitely a step in the right direction.


    Mohammed B.

LogRhythm NextGen SIEM

  • September 14, 2020
  • Review provided by G2

What do you like best?
This particular solution is primarily used by our staff as well as by firewall administrators. We put it to use to aggregate logs, correlate functions and automate firewall protection policies. Its main purpose is actually updating the security policy depending on the changing threat vectors of the Internet of ours.
What do you dislike?
The administrator management panel is quite unintuitive and some functions are hard to find.
What problems are you solving with the product? What benefits have you realized?
Major issues in multi-platform hunting and threat detection. We also have to communicate the maturity of ours and security potential much more accurately.
Recommendations to others considering the product:
LogRhythm is actually perfect for managing logs from systems that are different, correlating events and giving a worldwide view of the ecosystem. One of its main advantages is actually the control board, information mining, search as well as alarm continuity.


    Jose P.

LogRhythm Information

  • July 31, 2020
  • Review provided by G2

What do you like best?
How LogRhythm offers appliance, cloud and software install. This helps when you depend on a data center to provide infrastructure to spin up VMs. Also how we can customize dashboards for different teams. Restrict what other teams can see. How we can remove unwanted logs from being captured, thus making the appliance faster. Integration with Microsoft, such as Azure and O365, especially the security components.
What do you dislike?
Integration with not well known devices, such as MikroTik. I could leverage the API, but there is not much information on how to use the API. This is not LogRhythm's fault, but I would like to see more local groups that are using LogRhythm to collaborate so we can discuss issues or features that can benefit each other.
What problems are you solving with the product? What benefits have you realized?
Alerts, that's the core for us, data storage and plus nice dashboards that we can broadcast to upper management. Also how we can customize dashboards for different teams. Support is amazing. Incident response is great, LogRhythm community is amazing. Pro support is great too. It has helped spot attacks on web services, DMZ, web pages, network equipment and users.
Recommendations to others considering the product:
LogRhythm has integration with many software and appliances. Sometimes integrations are not easy, but once integration is done, LogRhythm can pretty much alert on anything.


    Thivaharan R.

LogRhythm is a good addition to an organization's security infrastructure

  • July 16, 2020
  • Review provided by G2

What do you like best?
LogRhythm NextGen SIEM is a very useful addition to the security infrastructure. Through LogRhythm it is possible to monitor all the devices within the network and get real-time alerts regarding security incidents. Investigating a security incident through LogRhythm is very easy because the tool grabs the necessary information and provides it to the user. The suggested response increases the speed of the response. LogRhythm also has very interactive interfaces which make it easy to use.
What do you dislike?
There is nothing bad to say about this product.
What problems are you solving with the product? What benefits have you realized?
LogRhythm allows us to easily monitor, track and resolve security incidents.
Recommendations to others considering the product:
I would recommend LogRhythm for use in an organizational environment.


    Chetan G.

Just another SIEM with fancy Dashboards

  • June 18, 2020
  • Review provided by G2

What do you like best?
- LogRhythm is very easy to deploy
- Log source monitoring and administration is very flexible and easy to configure.
- Huge Library of OOB connectors
- Endpoint Forensic collection is very easy through its System Monitor Agents
- Log visualization and threat hunting is very easy and flexible.
- LogRhythm community is a very good resource for customers, partners and administrators
What do you dislike?
- Frequent SIEM breakdowns, stability issues.
- Rule based correlation heavily dependent on Analyst skills.
- Performance impact if large set of data is visualized on WebUI.
What problems are you solving with the product? What benefits have you realized?
Compliance regulations
Forensic Investigation

Benefits -
Provides complete visibility to Security Operations team
Recommendations to others considering the product:
LogRhythm has excellent integration and visualization capabilities, but lacks in advanced correlation, machine learning analytics and UEBA capabilities.


    John Q.

LogRhythm Experience

  • May 26, 2020
  • Review provided by G2

What do you like best?
Customer support is amazing & I had some P1 & P2 cases with them & got support immediately
What do you dislike?
Nothing so far but they should have trial option available for future customers
What problems are you solving with the product? What benefits have you realized?
Monitoring Network
Recommendations to others considering the product:
Have a call with Sales team & go for a demo


    Manoj s.

LogRhythm is the main SIEM solution we are currently using in securing the enterprise environment.

  • May 26, 2020
  • Review provided by G2

What do you like best?
LogRhythm is one of the best SIEM solutions I have used so far. It provides security analysts the ability to perform quick drill down investigations and do deep analysis of the security incidents. It has an easy to use UI design and performing investigations on the LogRhythm is very easy. Quick filters in the investigations are also very helpful in investigations.
Ability to integrate all the major product and services logs, as well as support for all the one offs.
It has a user-friendly dashboard. Therefore, even a beginner can easily understand and monitor the dashboard. Also, I like the dark theme of the LogRhythm.
It was competitively priced compared to other SIEM solutions and they helped with the entire deployment so that was greatly appreciated.
The best part of the SIEM is the quick review of logs. Customer service responds quickly, and continues until the problem is resolved. Installation was not difficult, but configuration is the biggest challenge. Linux systems are simple to configure for log forwarding but the Windows side required some research and trial and error. There are some components in my network that had to be upgraded to integrate with the SIEM.
What do you dislike?
Actually, the correlation is a little bit difficult thing. So, you should have a good knowledge of that. Also, somewhat expensive when compared with other similar products.
Product implementation is somewhat difficult and we faced some log parsing issues when the logs were forwarded from ArcSight SIEM log forwarder to the LogRhythm log Collectors.
I don’t like the login screen. I just think it doesn’t fit well with a security management tool. Also, LogRhythm needs to improve with its documentation. There are too many tutorials written, but maybe adding video content with the most common issues could work better. Also, the information shown when an alarm rings should be configurable, in order to show only the priority data.
What problems are you solving with the product? What benefits have you realized?
LogRhythm AI engine rules and alarm system are very helpful to detect malicious activities quickly. Use cases can be created with various functionalities, which is very helpful while creating effective use cases. Another super feature is the LR search option. We could run a log search with different types of filters for a given time period. The LR event search feature always helps to catch AI engine rules and also logs that became events. This feature is very helpful while investigating incidents.
LogRhythm is very flexible, you can either run it virtually, on your own hardware or using an Appliance. It is straightforward to set up exactly how you want it, whether you are an IT department or a stand-alone SOC.
Recommendations to others considering the product:
The professional service guys are great. They always seem to be up for a challenge. We've had some interesting items pop-up where those guys will dig right in to attempt to get what we need via an alarm, dashboard, or report.


    Priyankar P.

Devices Under Your Control

  • May 18, 2020
  • Review provided by G2

What do you like best?
LogRhythm has great potential to monitor your network devices. One of the features I liked was its Change Management and ability to track changes and also its Compliance features. It's very interactive.
What do you dislike?
Could use more network devices vendor to console. It had only major vendors.
What problems are you solving with the product? What benefits have you realized?
Change Management & Compliance


    Michael H.

SIEM REVIEW

  • May 16, 2020
  • Review provided by G2

What do you like best?
UI is amazing & easy to use. They have proper documentation & training available
What do you dislike?
No trial available like other SIEM products
What problems are you solving with the product? What benefits have you realized?
Incident Response,
Reduce response time
Recommendations to others considering the product:
Amazing SIEM, may be one of the best currently


    Accounting

SOC Analyst with multiple SIEM tools

  • May 12, 2020
  • Review provided by G2

What do you like best?
Easy to learn and manage for SIEM events
What do you dislike?
Needs some more automated features for repetitive jobs
What problems are you solving with the product? What benefits have you realized?
Investigated cybersecurity event alerts from various sources along with defined rules
Recommendations to others considering the product:
It would be great if it will support any feature like AI to minimize repetitive tasks to maximize SOC's performance