Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs RSA enVision comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Log Management (11th)
RSA enVision
Ranking in Security Information and Event Management (SIEM)
34th
Average Rating
7.2
Reviews Sentiment
6.7
Number of Reviews
6
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.3%, down from 4.5% compared to the previous year. The mindshare of RSA enVision is 0.3%, down from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
reviewer1093020 - PeerSpot reviewer
Though the solution offers good technical support, it needs to be made more user-friendly
I rate the initial setup a seven and a half out of ten. So, it's closer to seven. The tool is deployed in our organization on-premises with some test servers. In only two tests in a test environment, the deployment can be carried out. The deployment time only depends on the size of your infrastructure. If I limit the company's size, it will not take too much time. So, it can be done in seven to eight hours. Regarding the deployment process, we have managed some test servers, after which we need to install some agents. If you include more servers, you need to install more agents. If you want to use agent-based, I would say that it is totally up to the stakeholder. You will get some additional benefits if you can choose the agent since you will be more assured that less positive false positive results you will get from the tool. For deployment, one test server, a few deployment servers, and some policy configurations are done by the OEM with some local support. We used some Windows servers and Linux servers, and we installed some agents in different types of operating systems. So different versions of Linux and different versions of Windows. We also integrate some network devices like firewalls to integrate firewalls and logs. So, the amount of logs and firewalls is too much. I have to engage too many employees for deployment. So there are those for Linux servers, others for Windows servers, and the rest for network devices. One for SIEM policy creation and one for SIEM management administration is also required.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Provides visibility into the network."
"We raise a ticket to LogRhythm, and they will give us their support."
"Their customer support is friendly and willing to help."
"LogRhythm has shown to us, to this point in time, that it has the capabilities of being able to deliver actionable intelligence to the security engineers and analysts."
"Automations are very valuable. It provides the ability to automate some of our small use cases. The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools."
"File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
"Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing."
"The PCI compliance pieces that help us produce reports for our external auditor, and their support."
"We developed around this solution and received excellent support from the company."
"The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."
"The most valuable feature is the management features. It's capable of managing large enterprises."
"The most valuable feature of this solution is the reporting."
 

Cons

"I would really like to see some type of group or global management for RIM policies,"
"Sometimes the Platform Manager crashes because it's built around Windows."
"I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."
"More help and assistance with some of the open source products, everything seems to be focused on Windows versus giving some guidance and some documentation on how to use it."
"The SOAR capabilities need improvements as they currently require programming knowledge."
"I would probably look for more things to go into the web console that is currently on the fat client."
"It should have some more message monitoring features. It can also have some free message monitoring tools."
"We do about 750 million a day and some days we do 715 million. Some days we do 820 million or 1.2 billion. But there's no way to drill in and find out: "Where did I get 400,000 extra logs today?" What was going on in my environment that I was able to absorb that peak? I have no way to identify it without running reports, which will produce a long-running PDF that I have to somehow compare to another long-running PDF... I would like to see like profiling behavior awareness around systems like they've been gunned to do around users with UEBA."
"Licensing could be improved to be more oriented towards Managed Service Providers (MSPs)."
"RSA enVision log manager is out of date and is not in use anymore."
"The integration could be easier, it should support more products."
"In general, the solution currently isn't user-friendly."
 

Pricing and Cost Advice

"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"I would recommend that whatever sales quotes to them upfront, they will probably go up. Because they are probably going to outgrow that very quickly or once they start getting everything into it, they are going to have to move up anyway."
"I would rate the pricing 4 out of 5. There are no additional costs to the standard licensing fees."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As it comes out new features and new releases, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"Everything is expensive with LogRhythm, and you don't get anything for free."
"In the context of our country, the price of this solution is too high."
"We no longer pay a licensing fee because it is out of date and don't pay for support."
"On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
40%
Computer Software Company
9%
Financial Services Firm
7%
Government
6%
Manufacturing Company
15%
Computer Software Company
13%
Financial Services Firm
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about RSA enVision?
The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten.
What needs improvement with RSA enVision?
Licensing could be improved to be more oriented towards Managed Service Providers (MSPs). Perhaps offering different types of licensing would be beneficial, as it can be expensive for industries wi...
What advice do you have for others considering RSA enVision?
Overall, I would rate it a nine out of ten. I recommend using it, but it also depends on the needs and the budget. If I still had my company, I think we would continue using RSA enVision. However, ...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
No data available
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
BPS (SUISSE), Hypovereinsbank Germany, MAX Hamburgers, Infoplex, Neotel, Telus
Find out what your peers are saying about LogRhythm SIEM vs. RSA enVision and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.