Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs Microsoft Purview Audit comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Ranking in Log Management
11th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Security Information and Event Management (SIEM) (7th)
Microsoft Purview Audit
Ranking in Log Management
45th
Average Rating
8.0
Reviews Sentiment
8.1
Number of Reviews
2
Ranking in other categories
Microsoft Security Suite (31st)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of LogRhythm SIEM is 2.2%, down from 3.4% compared to the previous year. The mindshare of Microsoft Purview Audit is 0.3%, down from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
Nagendra Nekkala - PeerSpot reviewer
Enables us to create a user in the cloud and give them access to resources through a single workflow
The PAM for Active Directory is good. ActiveOps is quite useful as a feature. The One Identity active role enables us to create a user in the cloud and give them access to resources through a single workflow. We can create rules-based access. It helps us control audit management and IT access management. We can decide what people can access and detect job functions. It enables zero trust security with hybrid AD, find delegation, and role-based access control. It provides all certificates and provides secure authentication, call-based access control, et cetera. It's really important for my critical applications. We can see who's using what, whether they are authorized, and other information to decide what access to offer. With the active role console, I can find out the obvious issues and also perform a decent setup. The One Identity active roles enable us to reduce password reset times. We can handle tasks in a matter of a minute. It simplifies AD and Azure AD management, efficiency, and security overall. The password manager is very secure and is a self-service password manager solution. It is considerably decreasing my help desk tasks. Our engineering users can reset forgotten passwords, and it can implement a stronger password. The management around access to enterprise resources keeps my data and systems secure. We're easily saving at least one hour per day using this solution. The migration from AD to Azure AD is very easy. There are simple configurations, and the migration goes rather smoothly. We use the solution support for SaaS apps through Cloud Delivered SCIM connectors. There are controls that can be configured and we can add and set permissions easily.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"This solution has improved our organization in many different ways. The biggest benefit is being able to view all information in one dashboard instead of having to look at several different applications and dashboards. I can see information across our entire environment and every aspect of our network."
"Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing."
"NextGen SIEM's best feature is how it presents logs."
"The ability to investigate a particular period of time where you can analyze logs is its most valuable feature."
"The artificial intelligence engine."
"LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis."
"Its ability to work with all different sorts of log sources has been extremely valuable."
"We're easily saving at least one hour per day using this solution."
"The platform has significantly enhanced our operational insight into the overall Microsoft 365 environment."
 

Cons

"I would like to see support added for Exchange 2016, and CheckPoint OPSec Lea."
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
"I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."
"It should have some more message monitoring features. It can also have some free message monitoring tools."
"We're still struggling to get a real return on it and finding something that isn't false noise."
"I face stability issues every quarter that necessitate corrective maintenance."
"Move it to Linux. I would like to see it get off the SQL Server."
"The installation was a bit complex because we are running a virtual infrastructure."
"We do have a Denial of Access happening."
"Areas for product improvement include enhancing customization options and integrating more comprehensive compliance features."
 

Pricing and Cost Advice

"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"I would rate the tool's pricing around eight out of ten."
"I give the price a six out of ten."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."
"The support which allows more customized to the environment when we are deploying new systems is called Professional Service and is very expensive. The technical annual support and there is an annual fee."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"We work with French-speaking African countries, and it costs more than the average SIEM solution. Also, the pricing isn't too flexible. AlienVault, Splunk, and IBM QRadar are more suitable for customers on a tight budget."
Information not available
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
40%
Computer Software Company
9%
Financial Services Firm
7%
Government
6%
Financial Services Firm
18%
Computer Software Company
13%
Educational Organization
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What needs improvement with Microsoft Purview Audit?
Areas for product improvement include enhancing customization options and integrating more comprehensive compliance features.
What is your primary use case for Microsoft Purview Audit?
We utilize Microsoft Purview Audit for monitoring security and compliance aspects.
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
No data available
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Information Not Available
Find out what your peers are saying about LogRhythm SIEM vs. Microsoft Purview Audit and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.