Try our new research platform with insights from 80,000+ expert users

Google Chronicle Suite vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024
 

Categories and Ranking

Google Chronicle Suite
Ranking in Security Information and Event Management (SIEM)
17th
Average Rating
8.0
Number of Reviews
9
Ranking in other categories
No ranking in other categories
LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
6th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
172
Ranking in other categories
Log Management (10th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Google Chronicle Suite is 3.5%, up from 0.5% compared to the previous year. The mindshare of LogRhythm SIEM is 3.3%, down from 4.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

AniketGoyal - PeerSpot reviewer
Sep 17, 2024
Seamless integration and advanced threat intelligence with good data management
I am an implementation architect, so I have admin access to Google Chronicle. Google Chronicle is a SIEM tool that collects and stores data from various sources, such as network logs, cloud logs, device logs, security logs, and audit logs. It offers four types of ingestion: forwarder, cloud…
Joseph W. - PeerSpot reviewer
Oct 18, 2022
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"The tool's most valuable feature is the search option, allowing easy navigation."
"What sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool."
"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"The dashboards are clean and clearly written, making it easy to use and understand."
"The log folder is fairly simple."
"The support team is responsive."
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"It's reliable and the performance is good."
"One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us."
"The major feature of this solution is its easy configuration which helps different team members to work on it effectively. This kind of feature is not available in other solutions because of a request for specialised schemes for configuration report extraction and searching. Another feature that I really admire is the significant improvement in the compliance in the auditing process by the solution. Our organisation-specific complaints require where the mailbox data needs to be forwarded, stored and searchable for a certain time period. This solution categorises data based on different types, which include cold, warm and hot data. These features allow faster and easier extraction of any data even if the event was occurring several years ago. I also like other features, especially user behaviour analysis and automation. If suddenly someone accesses your side or an unusual traffic is recorded from a user the solution flags it very effectively."
"We now have a central point of monitoring for all potential threats."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
 

Cons

"The solution's graphical user interface (GUI) should be more user-friendly."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
"In terms of improvement, the UI can be a bit challenging for beginners."
"A few areas are difficult to understand for someone who has less experience using the product."
"The tool is complicated for a first-time user. It should also include newer APIs."
"The configuration is not optimal."
"The product's default dashboard feature has a few limitations regarding availability."
"I would really like to see some type of group or global management for RIM policies,"
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"Appliance-based setups can sometimes pose scalability issues"
"It's not easy for someone new to the solution."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"It is a product that is very hard to use."
"More detail in the alerts given to avoid additional searches, as often the source or destination associated with the alert is not evidenced."
 

Pricing and Cost Advice

"We have to pay extra charges for the amount of data transfer and technical support services."
"The solution's pricing is dependent on the data amount."
"Compared to other solutions, Google Chronicle Suite's pricing is fine."
"The tool is cheaper than Microsoft Sentinel."
"On a scale of one to ten, where one is low, and ten is high, I rate the pricing between six and seven."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"Everything is expensive with LogRhythm, and you don't get anything for free."
"The solution has provided us with consistency and increased staff productivity through orchestrated automated work flows by at least 20 percent."
"I would rate the pricing 4 out of 5. There are no additional costs to the standard licensing fees."
"In the context of our country, the price of this solution is too high."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Computer Software Company
13%
Retailer
8%
Manufacturing Company
6%
Educational Organization
43%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Google Chronicle Suite?
Google Chronicle Suite is a highly scalable solution with good search capabilities.
What needs improvement with Google Chronicle Suite?
The tool is perfectly fine, and I have not faced any challenges while using it.
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What do you like most about LogRhythm NextGen SIEM?
LogRhythm does a very good job of helping SOCs manage their workflows.
What is your experience regarding pricing and costs for LogRhythm NextGen SIEM?
LogRhythm's pricing and licensing are extremely competitive and it's one of the top three reasons we continue to invest in the platform.
 

Also Known As

No data available
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Learn More

 

Overview

 

Sample Customers

Information Not Available
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about Google Chronicle Suite vs. LogRhythm SIEM and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.