I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version.
System Administrator at GOLDENWEST FEDERAL CREDIT UNION
Real User
2022-10-18T09:15:00Z
Oct 18, 2022
One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us.
The most useful feature that I've found so far is the search function. I like all the different ways you're able to search through metadata and the different ways you're able to correlate or search through logs to find out what's going on.
Senior Security Analyst at a transportation company with 501-1,000 employees
Real User
2022-10-16T09:09:00Z
Oct 16, 2022
The dashboards in the LogRhythm SIEM really help us as a starting point. It gives us a starting point we can go to every day. We walk through several dashboards to see anomalous activity for further investigation.
This solution has improved our organization in many different ways. The biggest benefit is being able to view all information in one dashboard instead of having to look at several different applications and dashboards. I can see information across our entire environment and every aspect of our network.
The correlation engine is extremely valuable because it uses machine learning to process information from the central manager and identifies issues in the network.
What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see.
FSE at a computer software company with 1,001-5,000 employees
Reseller
2022-07-24T07:16:36Z
Jul 24, 2022
As a SIEM, probably the best feature is that it can be tuned effectively. There are very few SIEMs out there that can be effectively tuned to provide you with meaningful information and not be overwhelmed.
SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem.
LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.
Senior Cyber Security Engineer at a logistics company with 10,001+ employees
Real User
2022-02-15T15:09:30Z
Feb 15, 2022
Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default.
Information Security Analyst at a financial services firm with 1,001-5,000 employees
Real User
2022-02-06T07:20:05Z
Feb 6, 2022
LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it; anyone can use it.
Security Solutions Integrator at a consultancy with 1-10 employees
Real User
2021-12-27T19:55:08Z
Dec 27, 2021
LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases.
Systems Administrators at a tech services company with 201-500 employees
Real User
2020-12-31T17:15:06Z
Dec 31, 2020
File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting.
Information Security Officer, Network Analyst at a university with 1,001-5,000 employees
Real User
2020-12-03T23:38:34Z
Dec 3, 2020
Automations are very valuable. It provides the ability to automate some of our small use cases.
The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM...
I find LogRhythm's log management capabilities to be beneficial.
The log analysis feature is valuable.
The user interface is pretty good compared to other SIEM tools.
The initial setup process is very user-friendly.
The most valuable features of the solution are network monitoring, user behavior analytics, and log collection.
I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting.
Our clients enjoy having one dashboard to monitor their environments in real time.
The GUI is very intuitive and the solution has good integration.
LogRhythm does a very good job of helping SOCs manage their workflows.
It's positively affected our overall rate of efficiency.
AXON has the ability to add and compare use cases.
It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable.
NextGen SIEM's most valuable feature is its user-friendliness.
NextGen SIEM's best feature is how it presents logs.
The security operation center is excellent.
It's reliable and the performance is good.
The user interface is good.
I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages.
The product is great for medium to large-scale organizations.
Technical support is very helpful and responsive.
In terms of security, LogRhythm NextGen SIEM is great.