We performed a comparison between Datadog and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"It has basic out-of-the-box integrations with multiple log sources."
"We have been able to set very specific CPU and memory alerts, at the very base level, then we started to pull real business value, like 99th percentile response rates for our API calls."
"Straightforward to integrate and automate."
"The solution allows flexibility and heightened observability for presenting data, creating indicators, and setting service-level objectives."
"It provides more cloud data. They tend to just get the way a service would be designed on the cloud."
"We can handle debugging and find out why things are breaking in our applications."
"We enjoy the multistep API tests."
"We integrate our application logs. It is great to be able to tie our metrics and our traces together."
"It has scaled great. I haven't run into any problems anywhere that I've used it. They have handled everything that we have needed them to."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"It helps a lot because we can troubleshoot issues pretty easily."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"The solution is quite stable."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"Technical support is always great."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"We primarily use the log management functionality, and the only feedback I have there is better fuzzy text searching in logs (the kind that Kibana has)."
"While I like the ease of use, when compared with Tenable Nessus they could still improve their usability."
"Datadog could be improved if it could detect other software in a container or server."
"Datadog could make their use cases more visible either through their docs or tutorial videos."
"Datadog is expensive."
"There is occasional UI slowness and bugs."
"Datadog has a lot of features kind of cramped into one dashboard. It's quite hard to get around what feature does exactly what. There was a steep learning curve, trying to navigate through menus."
"Datadog has a lot of documentation, but a lot of that documentation assumes you know how the service works, which can lead to confusion."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"Sumo Logic needs to make sure integrating solutions are seamless."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"The initial setup is the most stressful, like learning how to use it."
"There are some API gaps that are missing."
Datadog is ranked 3rd in Log Management with 137 reviews while Sumo Logic Security is ranked 20th in Log Management with 18 reviews. Datadog is rated 8.6, while Sumo Logic Security is rated 8.6. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and Elastic Observability, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Grafana Loki. See our Datadog vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.