Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs VMware Aria Operations for Logs comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024
 

Categories and Ranking

LogRhythm SIEM
Ranking in Log Management
10th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
172
Ranking in other categories
Security Information and Event Management (SIEM) (6th)
VMware Aria Operations for ...
Ranking in Log Management
15th
Average Rating
8.2
Number of Reviews
24
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Log Management category, the mindshare of LogRhythm SIEM is 2.6%, down from 3.8% compared to the previous year. The mindshare of VMware Aria Operations for Logs is 1.1%, down from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Joseph W. - PeerSpot reviewer
Oct 18, 2022
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
DineshKumar3 - PeerSpot reviewer
Sep 8, 2022
Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies
What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Technical support is very helpful and responsive."
"NextGen SIEM's best feature is how it presents logs."
"I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"I find LogRhythm's log management capabilities to be beneficial."
"NextGen SIEM's most valuable feature is its user-friendliness."
"The Web Console is my favorite. It enables me, at a glance, to see the health of the environments."
"The system's management and its alerts are the most valuable aspects of the solution."
"The solution is quite user-friendly."
"vRealize Log Insight has been running without any issues."
"One of the things I like about it is its interface. When it comes to generating reports on VMs and stuff, it's very quick. This is very handy for the technical team, who need to generate reports quickly. So that's really good."
"One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."
"It is a very useful tool if you have a VMware environment."
"We use the on-premises version of this solution for log analysis and to find details about certain issues."
"The solution's simplicity, flexibility, and extensibility are valuable features as we can integrate everything in vRealize."
 

Cons

"NextGen SIEM's integration with other software is good but could be improved."
"The installation was a bit complex because we are running a virtual infrastructure."
"Sometimes the Platform Manager crashes because it's built around Windows."
"Move it to Linux. I would like to see it get off the SQL Server."
"LogRhythm NextGen SIEM is currently based only on the Windows platform. This means that some of our customers have to purchase a Windows license elsewhere. If LogRhythm can move to a Linux platform or a proprietary platform, it would be very helpful."
"It should have some more message monitoring features. It can also have some free message monitoring tools."
"LogRhythm SIEM needs improvement in data grouping and manipulation capabilities."
"Sometimes the error-logging is not altogether helpful. For example, on an upgrade, a systems data processor, a Windows box, was throwing an error code like 1083. Then it just stopped and it died right out of the installer and nobody looked. We searched through Google and what it means is the Windows Firewall wasn't turned on so that it could create a rule for the product. Why wouldn't they bubble up that description so that I wouldn't have to call support and I could just know, "Okay, the firewall wasn't turned on. Turn it back on. Re-run the installer and keep going.""
"They should improve their web interface to make it more user-friendly."
"The solution should be more user-friendly. The user interface and dashboard could be simplified."
"It's great for VMware, but it would be good if they had third-party logins."
"The solution is a very good tool, but it has a lot of limitations. One of the main issues is around how you define your retention policy, for instance, in Log Insight. It doesn't have it. You can't define a log retention policy. You also can't define the destination or location for your logs. All of the logs are in one index or one bucket."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"Technical support should be improved."
"Documentation is lacking, including some guide as to how to use the expressions. It is not clear how to look for a log, for example. Some examples in the documentation might be helpful. I think that VMware had good documentation, but it's no longer hosted. The documentation is not as easy to understand as it was before."
"I would like to see more tutorials or at least an introduction video from the supplier, so you can become proficient and get the most out of the solution. You might not get the full benefit from a logging or reporting solution because you might not have a particular tool enabled. You could leave something out of your analysis because you aren't aware of it or you don't know how to set it up."
 

Pricing and Cost Advice

"I would rate the tool's pricing around eight out of ten."
"On a scale of one to ten, where one is low, and ten is high, I rate the pricing between six and seven."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As it comes out new features and new releases, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"Everything is expensive with LogRhythm, and you don't get anything for free."
"The license cost for any other monitoring tool is too high compared to this product."
"I think it is a reasonably priced product."
"It is not cheap. But it is worth it."
"Pricing could always be lower. If it were free, I would be more satisfied."
"Pricing is good because it is part of the suite package. It comes in a bundle for us."
"The product's price is reasonable, but when it comes to SQL licensing, it's a bit expensive."
"The licensing cost for vRealize Log Insight is a little higher, so in terms of cost, it all depends upon what kind of environment you have. If you have a complete virtualized environment, or at least you're using a ninety-five percent virtualized environment, then vRealize Log Insight will play a very good role because it is a VMware component, so it has very tight integration with other VMware components and systems. This means you don't have to procure any other monitoring and management tool, and you don't need a separate automation tool. vRealize Log Insight will have an upper hand if your environment is purely virtualized on VMware. If you're using a mix of physical and virtual components, for example, a 50:50 ratio, then you need to have a third-party component to manage overall monitoring."
"I rate the product's price a six on a scale of one to ten, where one is cheap, and ten is expensive."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
43%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
Computer Software Company
15%
Government
14%
Financial Services Firm
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What do you like most about LogRhythm NextGen SIEM?
LogRhythm does a very good job of helping SOCs manage their workflows.
What is your experience regarding pricing and costs for LogRhythm NextGen SIEM?
LogRhythm's pricing and licensing are extremely competitive and it's one of the top three reasons we continue to invest in the platform.
What do you like most about vRealize Log Insight?
The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting.
What is your experience regarding pricing and costs for vRealize Log Insight?
The product's price is reasonable, but when it comes to SQL licensing, it's a bit expensive. So, it's expensive, not extremely expensive. I would rate the pricing a two out of ten, with ten being v...
What needs improvement with vRealize Log Insight?
In terms of vOps, we use templates for optimization to monitor heavy hitters on storage and CPU resources. In the VMware environment, one area for improvement is the handling of VM failovers due to...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
vRealize Log Insight
 

Learn More

Video not available
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Wildlands Adventure Zoo, Medic Mobile, IBM, Seventy Seven Energy, Baystate Health, Osis, Oxford University, Columbia University, Siemens, Cardinal Health, Ashdod Port, Vasakronan, Sydney Adventist Hospital, University of Derby
Find out what your peers are saying about LogRhythm SIEM vs. VMware Aria Operations for Logs and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.