We compared Fortinet FortiAnalyzer and LogRhythm SIEM based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"Initial setup is ok."
"FortiAnalyzer's best feature is centralized log analysis. It's based on SQL database, so I can fully customize my report, chart-wise and log-wise, and can create as many reports as I want without any limit."
"It is a simple and solution."
"Fortinet FortiAnalyzer is a complete package for managing our equipment."
"We use this functionality every day, and obtain reports on things like how many people are using the VPN, which websites are being accessed, and whether hackers are trying to penetrate into our network."
"I like its simplicity. It is straightforward. We get reports and emails about the logs, and that's it."
"Separating sections or conditions on Fortinet FortiAnalyzer is quite clear."
"Stability-wise, I rate the solution a ten out of ten since, in our company, we have never experienced the solution crashing or having any other issues."
"The initial setup process is very user-friendly."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version."
"Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job."
"NextGen SIEM's most valuable feature is its user-friendliness."
"I find LogRhythm's log management capabilities to be beneficial."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot."
"The UI can be more user-friendly for new users."
"Fortinet FortiAnalyzer could improve by having better integration with other vendors."
"The pricing could be better. They could work to make it more competitive on the market."
"Software reports are good but should match the dashboard and include top-level output instead of just base or low-level devices."
"The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."
"The cost of FortiAnalyzer could be cheaper, especially when you are installing to a VM. For 90 percent of customers, the VM solution is enough."
"The deployment of Fortinet FortiAnalyzer is not complex, but integrating it with firewalls can take some time, depending on the number of firewalls."
"The only issue that I can see is with the cost. For example, if you buy support for one year, you are messed up next year. It's better to buy another gateway."
"The console installation is an area with a shortcoming in the solution that needs improvement. If LogRhythm SIEM can offer a web console, it would be great."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."
"There is room for improvement with separate running sources or better integration."
"I would like to see support added for Exchange 2016, and CheckPoint OPSec Lea."
"The initial setup is complex. We are using a LogRhythm partner, at least for the first three years, to help with the monitoring and the deployment of it. We are not a big enough environment where we have people that we can dedicate to it right now."
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"The security playbook could be pre-defined and available to other analysts with similar security issues."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 85 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. Fortinet FortiAnalyzer is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, Grafana Loki and Datadog, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Elastic Security. See our Fortinet FortiAnalyzer vs. LogRhythm SIEM report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.