We just raised a $30M Series A: Read our story

LogRhythm NextGen SIEM OverviewUNIXBusinessApplication

LogRhythm NextGen SIEM is #7 ranked solution in top Security Information and Event Management (SIEM) tools and #10 ranked solution in Log Management Software. IT Central Station users give LogRhythm NextGen SIEM an average rating of 8 out of 10. LogRhythm NextGen SIEM is most commonly compared to Splunk: LogRhythm NextGen SIEM vs Splunk.LogRhythm NextGen SIEM is popular among Midsize Enterprise, accounting for 64% of users researching this solution on IT Central Station. The top industry researching this solution is Computer Software Company, accounting for 29% of all views.
What is LogRhythm NextGen SIEM?

LogRhythm is a world leader in NextGen SIEM, empowering thousands of enterprises on six continents to successfully reduce cyber and operational risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines advanced security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) in a single end- to-end solution.

LogRhythm’s technology serves as the foundation for the world’s most modern enterprise security operations centers (SOCs), helping customers measurably secure their cloud, physical, and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won countless customer and industry accolades. For more information, visit logrhythm.com.

LogRhythm NextGen SIEM is also known as LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM.

LogRhythm NextGen SIEM Buyer's Guide

Download the LogRhythm NextGen SIEM Buyer's Guide including reviews and more. Updated: October 2021

LogRhythm NextGen SIEM Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill

LogRhythm NextGen SIEM Video

Pricing Advice

What users are saying about LogRhythm NextGen SIEM pricing:
  • "We did a five-year agreement. We pay close to a quarter of a million dollars for our solution."
  • "It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
  • "In the context of our country, the price of this solution is too high."

LogRhythm NextGen SIEM Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
MC
Information Security Officer, Network Analyst at a university with 1,001-5,000 employees
Real User
Top 20
It puts things together and provides the evidence and has good automation and integration capabilities

Pros and Cons

  • "Automations are very valuable. It provides the ability to automate some of our small use cases. The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools."
  • "Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."

What is our primary use case?

We use it for log ingestion and monitoring activity in our environment.

How has it helped my organization?

It is a simpler system than what we had before. We had IBM QRadar, which used to give us everything, and we had to dig through, figure out, and piece it all together. LogRhythm lights up when an event occurs. As opposed to just giving us everything, it will piece things together for you and let you know that you probably should look at this. It also provides the evidence. 

It is easy to find what you're looking for. It is not like a needle in the haystack like QRadar was. It is not a mystery why something popped or why you're being alerted. It provides you the details or the evidence as to why it alerted or alarmed on something, making qualifying or investigations a little bit quicker and also allowing us to close down on remediation times.

What is most valuable?

Automations are very valuable. It provides the ability to automate some of our small use cases. 

The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools.

What needs improvement?

Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. 

They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications.

The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products.

For how long have I used the solution?

I have been using this solution for three years.

What do I think about the stability of the solution?

Bugs are there. We've encountered quite a few, but support is pretty quick at picking up and working with us through those and then escalating through their different peers until we get a solution. Now, the bugs are becoming less and less. Initially, they were rolling out features pretty quickly, and maybe some use cases weren't considered. We ran into those bugs because it was a unique use case.

What do I think about the scalability of the solution?

It is easy to scale. We run different appliances. So, for us scaling is not an issue. Each appliance does a different piece of the function, so scalability is not a problem. We started off doing say 10,000 logs per second or MPS event, and then we quickly upgraded. Now, we're sitting at a cool 15,000. There is no need to upgrade hardware or anything. You just update the license. That is it.

We have multiple users in there. We have a security team, operations teams, server team, and network team for operations. We also have our research team, HBC team, and support desk staff. We have security teams from other universities in the States. We're sitting at a cool 50 users.

How are customer service and technical support?

Their technical support is good. They are pretty quick at working with us. I would give them an eight out of ten. I don't know what they see on their end when a customer calls in and whether they are able to see previous tickets. It always feels like you're starting fresh every time. They could maybe improve on that end.

Which solution did I use previously and why did I switch?

We had IBM QRadar for what seemed to be almost a decade. So, we just needed something different. There was a loss of knowledge transfer, as you can imagine, over a decade with different people coming in and out of security teams, and the transfer of knowledge was very limited. At the time I got on board, I had to figure out how to use it and how to maintain it and keep it going. We had some difficulties or challenges with IBM in getting a grasp on how we can keep getting support. It was a challenge just figuring out who our account rep was. After I figured that out, it was somewhat smooth sailing, and then we just decided it was time for something different, just a break-off because products change in ten years. You can either stay with it and deal with issues, or you do a break-off and get what's best for the organization.

How was the initial setup?

It was complex simply because we had different products. 

What about the implementation team?

We did have professional services to help us, which made the installation a little bit smoother. Onboarding of logs and having somebody with whom you can bounce ideas and who can go find an answer for you if they didn't have one readily available made the transition from one product to the other pretty straightforward.

What's my experience with pricing, setup cost, and licensing?

We did a five-year agreement. We pay close to a quarter of a million dollars for our solution.

What other advice do I have?

I would definitely advise giving it a look. If you're able to deal with it in your environment and just give it a chance, it'll grow on you. It is not Splunk, but it's getting there. They're gaining visibility with other vendors. The integration with third parties is starting to light up a little bit for them, unlike IBM QRadar that has already created that bond with third parties to bring in their services into the product. LogRhythm is definitely getting there, and it is a quick way to leverage in-house talent. So, if you want to do automation and you have someone who is good at Python scripting or PowerShell, you can easily build something in-house to automate some of those use cases that you may want to do. 

I would rate LogRhythm NextGen SIEM an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sadat Mohammad  Rifat
Senior System Engineer at a tech services company with 11-50 employees
Reseller
Stable with one central dashboard and good scalability

Pros and Cons

  • "The product is great for medium to large-scale organizations."
  • "The solution is likely not the best option for a smaller organization."

What is our primary use case?

We primarily use the solution to reducing insider threats. We also use the product to deal with some aspects of banking security. For example, with its product, we are able to lower the threat of being attacked by malware.

What is most valuable?

I appreciate the fact that I can do everything from one dashboard. That is the main aspect of LogRhythm so far that I find extremely useful. We don't need a different dashboard or other solution for managing things.

The initial setup is simple. 

The solution is stable.

The product is great for medium to large-scale organizations.

The product can scale. 

Technical support is reportedly quite good.

What needs improvement?

What I would suggest is for the product to make the consoles more user-friendly. The integration module should be simpler. That way, that the end-customer himself can do the integration and they are not always dependent on our site. The integration with other vendors should be easy.

The solution is likely not the best option for a smaller organization.

One of the features I like to recommend is a LogRhythm queuing ticket for a level-one tier system so that clients are not dependent on a third party.

For how long have I used the solution?

We've been working with the product since 2018. It's been almost three years at this point.

What do I think about the stability of the solution?

The solution is very stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

What do I think about the scalability of the solution?

In terms of scaling, the solution is best for medium to large companies. Smaller companies likely do not want to invest in IT security products, however, for medium to large organizations, especially banks, LogRhythm works well.

It's easy to scale. What we do for scalability is we always put the hardware capability higher than the license. For example, if a customer wants a 3,000 MPS license, we always provide 6,000 MPS hardware. If they want to scale the license to 4,000 or 5,000, we just put the license in, and then it works as the size capacity is there. It's easy. It's not that difficult.

How are customer service and support?

We are not an end-user and therefore do not directly deal with technical support. In terms of the support, the end-user would get a response from the technical team, and, so far, from the feedback I've gotten, they are good. Clients seem satisfied with the level of service they receive.

Which solution did I use previously and why did I switch?

I also work with Oracle. 

How was the initial setup?

The initial setup is simple for us, basically. It's not that challenging. The main challenge we face for integration is from the different vendors as we have to do different tasks. However,  the deployment of LogRhythm is very easy.

It takes 12 to 15 days for a full deployment.

We have two phases that are five to seven days each. The second phase involves integration and tuning stuff and that can usually take six or seven days for that part alone.

It's on a Windows server. Windows is very convenient for everyone. Users can just follow the process as per LogRhythm and it's easy to deploy everything.

In our distribution model, we don't provide end-user support directly. We have another partner company that provides maintenance and support for the end-user. For the partner side, many of the engineers are LogRhythm certified and they do the maintenance and other tasks.

What about the implementation team?

As an implementor, we can handle the setup for our clients. 

What's my experience with pricing, setup cost, and licensing?

LogRhythm pricing is based on the MPS. They always quote the pricing per unit of MPS. The number of MPS which the customer needs is what we provide with the unit price and we get a good discount on it, as per LogRhythm.

The price is in USD. For that reason, when we convert from USD to our currency, the pricing seems quite high.  

Everything is included. We get the data processing license as well as the sole license and the filing, ticketing, monitoring licenses, and the collector license as well. We get everything in one package.

What other advice do I have?

We are a distributor and we have around 15 to 20 partners who are working with LogRhythm in this region. We work for the end-user and we implement it and handle presentations for the customer.

We are working with the latest version of the solution. I can't speak to the exact version number, however.

I'd rate the solution at a ten out of ten. It's a very good product overall. Clients have been very happy with it. In terms of the feedback we've received from the end-user and our own experience with the deployment process and manageability, everything is great.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
Learn what your peers think about LogRhythm NextGen SIEM. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
543,424 professionals have used our research since 2012.
Kashif Ali
Unit Head Titanium (Security Solution) at RapidCompute
Real User
Great features with good cloud functionality and excellent technical support

Pros and Cons

  • "Technical support is very helpful and responsive."
  • "Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end."

What is most valuable?

We really appreciate the new cloud functionality. The cloud is really showing its dominance. 

Technical support is very helpful and responsive.

The product has a lot of useful features.

What needs improvement?

There aren't really any missing features. It's quite a complete solution.

Most of the clients using the on-prem are using customized applications. In the customized applications, we are facing parsing issues and a minimum of two days is required by the LogRhythm team for parsing logs. 

Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end. This is a huge cost impact -at least on the Pakistani market. It needs to be addressed.

The solution should be less expensive.

It would be very helpful if there was Kashif a package to help users migrate from QRadar to LogRhythm.

In Pakistan, the government is in the process of developing its final recommendation of cybersecurity and data protection process. We hope this solution will prove to be compliant and will meet the requirements in the future.

For how long have I used the solution?

I've been using the solution for approximately one and a half years at this point. It hasn't been too long just yet.

What do I think about the scalability of the solution?

We have four or five people using the solution in our organization. They are managing the LogRhythm infrastructure.

How are customer service and technical support?

We are in touch with their support. It's government support, and they're quite supportive, and they are quite responsive. They have a divisional team is quite responsive. 

How was the initial setup?

The initial setup is complex with LogRhythm. In that Pakistan market, with LogRhythm, the climate is very limited at this point. For the on-prem, there may be only two customers, for example. One is a bank and one is serving as an MSSP.

We've added four customers to a pay-as-you-go model. You apply Windows 2000 MPS or a cloud environment. The initial setup is quite difficult, however, after making certifications we are able to provide the initial setup and got it working with the LogRhythm support team.

For maintenance, I have five engineers that are part of my security team, including me and my sales and operations. Approximately we have 14 to 15 people that can handle maintenance.

What about the implementation team?

We had some assistance from the LogRhythm support team. We did not entirely do it ourselves.

What's my experience with pricing, setup cost, and licensing?

The cost of the solution should be reduced. In the Pakistan market, they have competition from IBM QRadar. They have quite a significant core difference. While the quality of this product is better, IBM has a stronger penetration in the market base don price. 90% of financial institutions are doing the QRadar in Pakistan. The Central Bank is using QRadar and simply due to the cost differences.

Which other solutions did I evaluate?

Initially, we tested out the QRadar, however, due to some delay and due to some market awareness tests, we did not continue.

What other advice do I have?

We are using the solution for our own infrastructure and we are also offering it as a service. We are the largest service provider, cloud service provider, in Pakistan. However, we use a variety of deployment models - including cloud and hybrid.

We have an ISO position for government-certified infrastructure. We have a PCI-certified infrastructure as well as a GDPI compliant infrastructure.

We work closely with this product in particular. We have a lot of hands-on experience.

I'd rate the solution eight out of ten. If it weren't for some parsing limitations in the product, I would rate it even higher.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
SS
Systems Administrators at a tech services company with 201-500 employees
Real User
Top 5
Very helpful for monitoring and alarming, very stable and scalable, and excellent technical support

Pros and Cons

  • "File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
  • "It should have some more message monitoring features. It can also have some free message monitoring tools."

What is our primary use case?

I use LogRhythm for PCI DSS compliance. All of our devices are sending logs to LogRhythm. I have set up Silent Integrity Monitoring, Data Loss Prevention, Registry Integrity Monitoring, and other alarms for detection, and we do investigations.

How has it helped my organization?

I don't have metrics, but it has really improved the monitoring and alarming for us. 

What is most valuable?

File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting.

What needs improvement?

It should have some more message monitoring features. It can also have some free message monitoring tools.

For how long have I used the solution?

I have been using this solution for about two years.

What do I think about the stability of the solution?

It has been very stable. There are no major issues. It has been exactly doing what I expected it to do.

What do I think about the scalability of the solution?

It has been very scalable in terms of adding new systems and stuff like that. It has been quite good.

We have plans to increase the usage of LogRhythm. We have some new solutions and new networks coming up. We might be looking to expand within the next two years to onboard new systems.

How are customer service and technical support?

Technical support has been excellent so far. I never had any issues with technical support. Their support has been excellent.

Which solution did I use previously and why did I switch?

I didn't use any other solution previously.

How was the initial setup?

It was pretty straightforward. The actual deployment of it took about two days, but the implementation strategy took longer. It took a couple of months for meetings and planning with different experts, project managers, and engineers. They looked at our business requirements and other things.

We have two administrators and two analysts. Four of us are managing the system.

What's my experience with pricing, setup cost, and licensing?

It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that. 

Which other solutions did I evaluate?

When I was looking for a solution, I looked at Splunk and LogRhythm. There was one from SolarWinds as well. Cost-wise, LogRhythm was the one that impressed me the most. Splunk was really good as well, but it was a little too costly.

What other advice do I have?

I would definitely recommend this solution for compliance requirements, such as PCI DSS compliance. It does cost a great amount, but its pricing is competitive with some of the other vendors. If it is a necessity to have a SIEM solution, I would definitely recommend LogRhythm.

I would rate LogRhythm NextGen SIEM a nine out of ten. It has been really good. So far, my experience has been seamless. They should keep doing what they're doing.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Shreenkhala Bhattarai
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
Stable with an easy initial setup and good security

Pros and Cons

  • "The initial setup is pretty easy."
  • "For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country."

What is our primary use case?

We typically consult with our clients and help them with necessary services.

What is most valuable?

The UEBA flow is the most useful aspect of the solution.

The initial setup is pretty easy.

While the cost is high, the security provided is quite good, and for those who can afford it, they will pay for the peace of mind.

What needs improvement?

I'm not a fan of the system's user interface.

For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country.

We'd like it if the solution could be more customizable in future releases.

For how long have I used the solution?

We've been dealing with the solution for about a year.

What do I think about the stability of the solution?

The solution is quite stable. There aren't issues related to bugs or glitches. It doesn't crash. It's reliable.

What do I think about the scalability of the solution?

The solution can scale if a client needs it to.

We have clients that have 10-15 users on the solution. They are mostly security analysts. In terms of those that can actually view and escalate cases, there may only be five with such access.

At this point, there aren't any plans to increase usage.

How are customer service and technical support?

We typically are the ones that handle technical support for our clients if they run into issues.

How was the initial setup?

The initial setup is not complicated. It's quite easy and very straightforward if you follow the guides provided. I followed the guides and found it to be rather simple. It's not difficult to get everything up and running.  

The deployment doesn't take too long. You can have it ready to go in one working day. That includes installation and configuration.

We have a minimum of five people who handle maintenance and deployments.

What about the implementation team?

Our company handles the installation for our clients. We can handle the implementation ourselves. We don't need a separate consultant or integrator.

What's my experience with pricing, setup cost, and licensing?

In our market, for the price it costs, our clients aren't using this solution so much. It seems to be quite expensive in Nepal. That said, even with the fees and a rather high cost, it is the best product among other competitors. 

What other advice do I have?

We're partners with LogRhythm.

We don't technically use the solution typically. We consult with clients and advise on products. We also provide services on the solutions we offer. In this case, we do use the product as we log issues.

We use the latest version of the solution.

For our customers, the pricing will scare off many. However, if users are concerned more with the security of their account, they'll find this is a good option.

I would recommend the product. On a scale from one to ten, I'd rate it at an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Chamini Ellawala
Associate Senior Engineer - Network & Security at Connex Information Technologies (Pvt) Ltd.
Reseller
Top 20
Enables us to alternate incident automations but reporting needs improvement

Pros and Cons

  • "The most valuable feature is that we can alternate incident automations."
  • "We need to get better training for things like creating code and playlists. The way it's done now takes a long time."

What is our primary use case?

Our primary use case is for financial companies and telcos.

What is most valuable?

The most valuable feature is that we can alternate incident automations.

What needs improvement?

We need to get better training for things like creating code and playlists. The way it's done now takes a long time. 

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for two years. 

What do I think about the stability of the solution?

The stability depends on the client we installing or integrating for based on the server's requirements. We can create them according to that defined time period. It's not that difficult but depending on the customer or the other server requirements.

We can have a dashboard in a single platform, we can get notifications via email or SMS, and we have Smart Response actions. So that kind of possibility is there.

What do I think about the scalability of the solution?

Our clients are mostly on a larger scale. 

How are customer service and technical support?

You can request support and they respond immediately. They're really good. 

How was the initial setup?

The initial setup is easy. It can take two hours. The first day of deployment is easy. Then depending on the devices and log servers, it can take time. We can give them predefined or pre-created devices and logs. The deployment depends on the devices and systems we are integrating. But the initial stage is easy.

What's my experience with pricing, setup cost, and licensing?

Because we are a developing country, the costs depend on country development. We implement it for large-scale companies because normal companies, startup companies, can't afford products at that price. We mainly focus on large-scale companies.

What other advice do I have?

I would definitely recommend this solution if you can afford it. 

We get customized reports and we get reports including all the details, but when we start using them we couldn't start with the Outlook editor. We can customize a document and we can write a report. The dashboards are very user-friendly and very attractive. But when it comes to the reporting part, I think that could use improvement in the next release. 

I would rate it a seven out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Jason Gagnon
Senior Cyber Security Engineer at a individual & family service with 10,001+ employees
Real User
Top 20
Good support, offers customized alarms, and helps us to focus our investigative efforts

Pros and Cons

  • "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
  • "There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."

What is our primary use case?

We use multiple instances as dark sites. We have roughly 350-400 hosts per site consisting of 4K to 5K log sources.

How has it helped my organization?

It has not only helped us meet requirements on a development program, but it has also allowed us to focus on insider threats as well as provide forensics capabilities to identify potential security risks.

What is most valuable?

I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios.

What needs improvement?

There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back. I was told that this was due to processor overhead but with the amount of CPU and memory suggested, I don't see why this would be an issue.

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for six years.

What do I think about the stability of the solution?

It is stable when all the resource recommendations are met.

What do I think about the scalability of the solution?

Scalability is endless with this product.

How are customer service and technical support?

Technical support has been great.

Which solution did I use previously and why did I switch?

We did not use another product prior to this one.

How was the initial setup?

The initial setup is pretty straight forward.

What about the implementation team?

Our in-house team handled deployment.

What's my experience with pricing, setup cost, and licensing?

I don't get involved with pricing.

Which other solutions did I evaluate?

We did not evaluate other options.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Shreenkhala Bhattarai
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
Efficiently catches threats and reduces the risk of exposure

What is our primary use case?

Private monitoring is our primary use case.

What is most valuable?

In terms of security, LogRhythm NextGen SIEM is great.

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for one year.

What do I think about the stability of the solution?

LogRhythm NextGen SIEM is stable.

What do I think about the scalability of the solution?

Scalability-wise, it's not that great, but integration with other solutions is pretty easy.

How are customer service and technical support?

The technical support is great.

Which solution did I use previously and why did I switch?

We also use Splunk, but in terms of security, we always recommend LogRhythm NextGen SIEM.

How was the initial setup?

The initial setup was very…

What is our primary use case?

Private monitoring is our primary use case.

What is most valuable?

In terms of security, LogRhythm NextGen SIEM is great.

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for one year.

What do I think about the stability of the solution?

LogRhythm NextGen SIEM is stable.

What do I think about the scalability of the solution?

Scalability-wise, it's not that great, but integration with other solutions is pretty easy.

How are customer service and technical support?

The technical support is great.

Which solution did I use previously and why did I switch?

We also use Splunk, but in terms of security, we always recommend LogRhythm NextGen SIEM.

How was the initial setup?

The initial setup was very straightforward. We deployed LogRhythm very easily. In total, including configuration, we deployed this solution in less than one day.

What's my experience with pricing, setup cost, and licensing?

In the context of our country, the price of this solution is too high.

What other advice do I have?

Overall, on a scale from one to ten, I would give LogRhythm NextGen SIEM a rating of eight. 

I would definitely recommend this solution; my only concern is with the price — it should be lower.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Buyer's Guide
Download our free LogRhythm NextGen SIEM Report and get advice and tips from experienced pros sharing their opinions.