Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
10th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Log Management (11th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 3.9%, up from 3.6% compared to the previous year. The mindshare of LogRhythm SIEM is 3.3%, down from 4.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Aman Aijaz - PeerSpot reviewer
An easy-to-scale open-source solution used for monitoring events on devices
The area for improvement is a lot. When I started using it on our enterprise side, the issue we faced was, for example, if we were running at that time on AlienVault OSSIM v5.7.4. So, for some orders, we had to install some packages, and when we tried installing that package, some dependencies got upgraded to a new version. Now once that dependency got upgraded, the SQL, since you might be aware that OSSIM uses SQL database, now SQL and all the dependency in everything was not on the same version, and that caused the database to crash. The aforementioned area should be eased out by upgrading the patches and upgrading dependencies. This kind of thing is a disadvantage of OSSIM, and I would like them to work on this. But I have also raised service requests many times and gave it a push on the community section too. However, since it is a local source, they don't reply much over there. That is why I don't like to work on OSSIM because it is unpredictable. Once the storage goes above 50 percent, it starts behaving unpredictably. If you get stuck with a situation, then you need to drill a lockdown into that. Sometimes you get no luck. Then you have to just reimage the server with the new fresh OS of AlienVault. As for additional features, not much because if you move to the newer version, it is kind of getting more stable. But, to make my life easier, then I would say try to give more features. I know it's open source, so they also cannot provide me with more features. But still, if they can provide me with more features because right now it's becoming old. Right now, we are even moving from SIEM to Security Data Lake. So when we move to it, this will be literally outdated. No one can even expect anything out of it. The way security is moving, it will be outdated very soon. They have to also provide something new to keep this going for the future also.
Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on.""
"The paid version of the solution has reporting and better scalability options."
"The product is easy to use."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols."
"In general, the visibility of events and advanced analysis of events are good."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"The most valuable feature of LogRhythm for me is the ability to correlate logs throughout many different log sources."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"When it comes to dealing with support, all my interactions have been great. Everyone has known what they're doing and have been quick to respond. They seem to always know the answer. I haven't stumped anybody yet."
"It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner."
"Compliance reporting is another great feature of this product. It has built in reports right out of the box."
"It allows us to automate a lot of things with a smaller team."
 

Cons

"Lacking in depth of reporting."
"The user interface could be improved."
"The user interface needs to be friendlier across the board."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"The solution is not scalable."
"Sometimes technical issues take very long to get resolved."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"We need more dashboards and we need more customization for dashboards."
"There is room for improvement with separate running sources or better integration."
"One thing we have mentioned to them before is that we'd like to be able to do searches, or drill-downs, directly from an alarm. When you click it and the Inspector tab slides out, that might be a good place to be able to click the host to search for the last 24 hours. I know the search is right there but it would be even nicer to just click that and then have an option to search something there."
"My biggest issue - I know that they say they're doing it - is that the API-building is extremely important. They keep saying it's coming, it's coming. It's not coming fast enough. I don't care if they need to double their team size to get it out there quicker, the world is already in the cloud and we can't monitor it. That's a big problem for us. My boss keeps coming to me about it. That's an issue."
"I would like to see support added for Exchange 2016, and CheckPoint OPSec Lea."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"NextGen SIEM's integration with other software is good but could be improved."
"I would like to see more integration with more products that are out there within the same security field."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
 

Pricing and Cost Advice

"The solution is open source, so it's free to use."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"When comparing AlienVault OSSIM to Microsoft Sentinel, AlienVault OSSIM incurs additional costs due to its licensing price structure. If you are using AlienVault for security purposes at a certain level it can have a higher price point than the current pricing of Microsoft Sentinel."
"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"OSSIM is free."
"We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
"AlienVault OSSIM is an open-source solution."
"I would recommend that whatever sales quotes to them upfront, they will probably go up. Because they are probably going to outgrow that very quickly or once they start getting everything into it, they are going to have to move up anyway."
"The license cost is around $10 per MPS."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As it comes out new features and new releases, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"We did a five-year agreement. We pay close to a quarter of a million dollars for our solution."
"NextGen SIEM's pricing is moderate."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"Look for whatever will give you the most value. That's the main point. It is not one size fits all."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Comms Service Provider
10%
Financial Services Firm
9%
University
7%
Educational Organization
45%
Computer Software Company
9%
Financial Services Firm
6%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
 

Also Known As

OSSIM
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

Council Rock School District
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about AlienVault OSSIM vs. LogRhythm SIEM and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.