We performed a comparison between LogRhythm SIEM and Splunk Cloud Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable features of the solution are network monitoring, user behavior analytics, and log collection."
"The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"The dashboards in the LogRhythm SIEM really help us as a starting point. It gives us a starting point we can go to every day. We walk through several dashboards to see anomalous activity for further investigation."
"The initial setup process is very user-friendly."
"In terms of security, LogRhythm NextGen SIEM is great."
"AXON has the ability to add and compare use cases."
"The most valuable feature of Splunk Cloud Platform is the alerting feature."
"As compared to other tools, it is very easy. It is very easy to learn. It also integrates well."
"Splunk Cloud Platform's search modes are a powerful feature."
"The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds."
"For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective."
"The most valuable feature is we don't have to deal with any back-end server maintenance because the solution is cloud-based."
"The most valuable feature of Splunk Cloud Platform is its flexibility and readiness because it's already prebuilt, and everything is click-to-go."
"The most valuable feature of Splunk Cloud is the quick setup."
"I would like to suggest that they should improve their usage of third party tools for making dashboards and reports. If they would create their own tools for dashboard and report, it would be much better in terms of security purposes."
"I would like to see more integration with more products that are out there within the same security field."
"The customer support system is time-consuming."
"The installation was a bit complex because we are running a virtual infrastructure."
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"Sometimes the error-logging is not altogether helpful. For example, on an upgrade, a systems data processor, a Windows box, was throwing an error code like 1083. Then it just stopped and it died right out of the installer and nobody looked. We searched through Google and what it means is the Windows Firewall wasn't turned on so that it could create a rule for the product. Why wouldn't they bubble up that description so that I wouldn't have to call support and I could just know, "Okay, the firewall wasn't turned on. Turn it back on. Re-run the installer and keep going.""
"Scalability-wise, it's not that great."
"We do about 750 million a day and some days we do 715 million. Some days we do 820 million or 1.2 billion. But there's no way to drill in and find out: "Where did I get 400,000 extra logs today?" What was going on in my environment that I was able to absorb that peak? I have no way to identify it without running reports, which will produce a long-running PDF that I have to somehow compare to another long-running PDF... I would like to see like profiling behavior awareness around systems like they've been gunned to do around users with UEBA."
"Its stability and performance can be better. Very rarely does a day go by when we do not see an error in the console, such as a health check error. Because it is cloud-hosted, we do not have access to the backend to figure it out ourselves. We are reliant on their support to figure it out, and a couple of days later, the error comes back or it is a different error. It is a never-ending cycle of support tickets. Their support is also not great."
"They can streamline the process of creating custom apps."
"I have not come across anything that I would consider missing as such. If anything, sometimes we have dashboards that would not go into the dark mode. It is a minor issue, but it is the only thing that I wish was there. The dark mode would definitely help."
"The pricing model makes the product costly."
"In the case of knowledge objects, even a Splunk admin does not have access to delete them. If we want to remove a knowledge object, we need to contact Splunk support and raise a case. After that, they delete it. They should give us access to delete knowledge objects."
"The dashboards should be easier to customize."
"Splunk Cloud Platform should improve its integrations and consider multiple integrations or direct integration with other platforms like Microsoft Azure, Google Cloud, or AWS."
"Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Splunk Cloud Platform is ranked 3rd in Data Visualization with 36 reviews. LogRhythm SIEM is rated 8.4, while Splunk Cloud Platform is rated 8.0. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Splunk Cloud Platform writes "Does not require backend maintenance, is easily integrated and utilized". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Microsoft Sentinel, whereas Splunk Cloud Platform is most compared with Wazuh, Splunk Enterprise Security, Fortinet FortiAnalyzer, AppInsights and Check Point Security Management. See our LogRhythm SIEM vs. Splunk Cloud Platform report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.