Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs Sumo Logic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.5
LogRhythm SIEM is praised for improving visibility, reducing response times, and enhancing productivity for medium-sized organizations through automation.
Sentiment score
7.6
Sumo Logic Security enhances efficiency and ROI by streamlining troubleshooting and log access without needing widespread credential distribution.
 

Customer Service

Sentiment score
6.3
LogRhythm SIEM's customer service is praised for quick, knowledgeable support, though higher-level assistance can have occasional delays.
Sentiment score
7.4
Sumo Logic Security's customer support is praised for responsiveness and effectiveness, although some report slower responses and no phone support.
They have a response time of forty-eight hours, which is not instant support.
 

Scalability Issues

Sentiment score
7.0
LogRhythm SIEM is mostly scalable but faces challenges with older models, licensing, and cloud environment costs for smaller businesses.
Sentiment score
8.0
Sumo Logic Security is highly scalable, efficiently accommodating diverse environments and data volumes, with users rating its scalability highly.
 

Stability Issues

Sentiment score
6.1
LogRhythm SIEM is stable and reliable, though minor issues occur during upgrades or with complex queries and high event rates.
Sentiment score
8.1
Sumo Logic Security is stable and efficient, experiencing minimal issues, with stability ratings from seven to nine out of ten.
If there are many records, the system may stop or the UI may become unresponsive.
 

Room For Improvement

LogRhythm SIEM needs interface, integration, and performance improvements, enhanced tools, better documentation, streamlined processes, automation, and user-friendly dashboards.
Sumo Logic Security needs better dashboards, pricing, automation, scalability, log handling, correlation, mapping, and faster support response.
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk.
 

Setup Cost

LogRhythm SIEM offers transparency and competitive pricing, valued for features, despite high costs for large-scale deployments and services.
Sumo Logic offers competitive pricing on AWS Marketplace, valued for simplicity and functionality but costly for smaller organizations.
 

Valuable Features

LogRhythm SIEM excels in threat detection with AI, ease of use, extensive log collection, and seamless integration, enhancing security visibility.
Sumo Logic Security provides customizable alerts, real-time observability, and seamless integrations for comprehensive, scalable security monitoring and forensics.
If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic.
 

Categories and Ranking

LogRhythm SIEM
Ranking in Log Management
10th
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
172
Ranking in other categories
No ranking in other categories
Sumo Logic Security
Ranking in Log Management
21st
Ranking in Security Information and Event Management (SIEM)
21st
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
19
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (13th)
 

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.6%, down from 5.0% compared to the previous year. The mindshare of Sumo Logic Security is 0.9%, down from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Joseph W. - PeerSpot reviewer
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
Moole Muralidhara Reddy - PeerSpot reviewer
Used to store and monitor application logs and VPC flow logs
We are mainly concentrating on networking. We use VPC products and application logs to monitor the genuineness of users who have logged in. We also store and monitor GuardDuty logs to see if someone is trying to access the same server multiple times. We are storing and monitoring WAF logs and GuardDuty logs. If someone faces any issues, we'll receive an email and take action based on it. If someone tries to access one of the applications from a different country, we can search in Google and identify the location of that particular IP address. Sumo Logic Security identifies whether a particular IP address is low, medium, or high risk without the help of Google. We can store logs in CloudWatch, but it is very difficult to search them in CloudWatch. We should know the query in order to do that. Searching for logs with Sumo Logic Security is very easy compared to CloudWatch. We have been using the solution for more than two years and haven't faced any issues with the solution's availability. I would recommend the solution to other users. I would recommend Sumo Logic Security instead of AWS, CloudWatch, or CloudTrail. With Sumo Logic Security, you can capture and see all the logs in a single place. If some issues occur, you can log into the solution and verify all the logs. At an organizational level, we have multiple AWS accounts for different environments. Instead of logging in to all the AWS accounts, you can log in to Sumo Logic Security and verify everything. Overall, I rate the solution a nine out of ten.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
45%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
Computer Software Company
16%
Financial Services Firm
11%
Government
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The integration is slightly difficult with other assets, like EDR technologies or firewalls. Also, the back end is not as user-friendly as other solutions like IBM QRadar. The technical support is ...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about Sumo Logic Security?
Sumo Logic Security is a good solution for searching the logs and identifying the issues.
What needs improvement with Sumo Logic Security?
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk. Sometimes logs will not fetch, and there are issues if the log volume exceeds a threshold. Not every...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
No data available
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Information Not Available
Find out what your peers are saying about LogRhythm SIEM vs. Sumo Logic Security and other solutions. Updated: December 2024.
824,053 professionals have used our research since 2012.