Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs syslog-ng comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Ranking in Log Management
11th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Security Information and Event Management (SIEM) (7th)
syslog-ng
Ranking in Log Management
19th
Average Rating
8.6
Reviews Sentiment
6.3
Number of Reviews
5
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of LogRhythm SIEM is 2.2%, down from 3.4% compared to the previous year. The mindshare of syslog-ng is 2.6%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
RyanVargas - PeerSpot reviewer
It's a user-friendly open-source solution that can replace or augment a commercial product in some cases
I rate syslog-ng 10 out of 10. It's free and easy to use. It has built-in tools that help us index the various logs sent to it. It's a solid log product. If you're looking for a SIEM solution, syslog-ng will work as a stopgap measure at beginning of the project. It can also work as an injector for a true SIEM solution. You can send all the logs to syslog-ng and forward all the data to the SIEM solution after you've cleaned up the data and got the pertinent information. It's a good front end for a commercial SIEM solution, which becomes more expensive as you load more data into it. I would highly recommend syslog-ng for that use case. However, if you lack the expertise, you might need to go with a cloud-based SIEM instead. You need some in-house expertise or an outside consultant to manage it and set it up.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"NextGen SIEM's best feature is how it presents logs."
"File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
"The initial setup process is very user-friendly."
"The security operation center is excellent."
"The most useful feature that I've found so far is the search function. I like all the different ways you're able to search through metadata and the different ways you're able to correlate or search through logs to find out what's going on."
"The dashboards in the LogRhythm SIEM really help us as a starting point. It gives us a starting point we can go to every day. We walk through several dashboards to see anomalous activity for further investigation."
"The PCI compliance pieces that help us produce reports for our external auditor, and their support."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"Syslog-ng has a separate config file in addition to the core configuration."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
 

Cons

"The SOAR capabilities need improvements as they currently require programming knowledge."
"It should be improved for automated setup and auto-configuration. There should be ease of integration and ease of setup."
"When we originally got LogRhythm, their tech support was fantastic, and I loved them. Now, we don't quite get as quick of a response. I've been disappointed in the more recent tech support. When you call in, they'll say that they will get you somebody, and you'll finally get someone who will contact you back a day or so later. Whereas before, I would get help right away."
"It is a product that is very hard to use."
"The initial setup is complex. We are using a LogRhythm partner, at least for the first three years, to help with the monitoring and the deployment of it. We are not a big enough environment where we have people that we can dedicate to it right now."
"NextGen SIEM's integration with other software is good but could be improved."
"LogRhythm SIEM needs improvement in data grouping and manipulation capabilities."
"The integration is slightly difficult with other assets, like EDR technologies or firewalls."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"The filtering has room for improvement."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
"There is always the potential for additional integration and protocol extensions."
"There is room for improvement in terms of observability."
 

Pricing and Cost Advice

"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
"I would rate the tool's pricing around eight out of ten."
"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation."
"I give the price a six out of ten."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
"Syslog-ng is a free open-source solution."
"Syslog-ng is open-source."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
40%
Computer Software Company
9%
Financial Services Firm
7%
Government
6%
Government
13%
Computer Software Company
13%
Financial Services Firm
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about syslog-ng?
For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior.
What is your experience regarding pricing and costs for syslog-ng?
The pricing is in the middle. I would rate the pricing a six out of ten, with one being expensive and ten being cheap.
What needs improvement with syslog-ng?
There is room for improvement in terms of observability. Additionally, a possible new feature could be Kafka integration.
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
No data available
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Tecnocom, University of Victoria, University of Exeter, Datapath
Find out what your peers are saying about LogRhythm SIEM vs. syslog-ng and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.