We compared Amazon CloudWatch and LogRhythm SIEM based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Amazon CloudWatch users liked the solution’s simplicity, intuitive interface, and ability to handle large workloads. Users also praised CloudWatch’s comprehensive monitoring and alerts. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. Some reviews mentioned that Amazon CloudWatch could improve performance and dashboard visualization through. Others noted that the solution lacked compatibility with some databases. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Customers generally have positive opinions about Amazon's customer service. They commended the support team for its availability and timely issue resolution. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: Amazon CloudWatch is generally described as easy to set up. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: Amazon CloudWatch offers a flexible pricing structure based on usage and processing, without any separate licensing cost. Some users said that scaling up can be costly due to the need for additional storage space. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: Amazon CloudWatch offers a return on investment by minimizing the need for manual monitoring. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"Most of it's around optimizing utilization, their cloud utilization. They're making sure that they're getting the most out of their in-cloud environments and their instances. Making sure that there's no strange behavior in the environment."
"I can put it in a simple term, its simplicity is always there."
"We can set CPU thresholds using the solution."
"The most valuable feature of Amazon CloudWatch is reliability."
"The most valuable feature of Amazon CloudWatch is intrusion prevention."
"It is a stable solution...I rate the technical support a ten out of ten."
"The most valuable feature of Amazon CloudWatch is the monitoring and UI."
"Every time we get an alarm or have an incident, CloudWatch is always there. We use it not only for resources we've spun up in the cloud, but also for some of our on-premises resources."
"I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
"Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job."
"In terms of security, LogRhythm NextGen SIEM is great."
"We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot."
"File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
"It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner."
"The ability to drill down and pivot from an event is one of the biggest advantage the product has compared to other things that I have seen in the market."
"We now have a central point of monitoring for all potential threats."
"I would like to monitor inbound and outbound transfer. I would also like to control the traffic for load balancing."
"For monitoring applications or for APM, CloudWatch has some limitations. You cannot monitor application performance from CloudWatch, and you have to go for a third-party tool."
"It is hard to configure; it is not a straightforward tool."
"The drill-down aspect on the dashboard of the solution needs improvement. We get a very good high-level overview, but when we drill down, it becomes a little less clear. We have given this feedback to AWS as well and hope they will improve this in the future."
"It's not an advanced way of monitoring."
"When customers want to see the CPU or memory utilization there is a cost. This should be free to see the utilization."
"I think something that can be improved are the alerts and alerting mechanism based on no rejects. We want to have it more flexible and that is one of the key things that is required."
"The product’s documentation must be improved."
"I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph."
"Appliance-based setups can sometimes pose scalability issues"
"I would like to suggest that they should improve their usage of third party tools for making dashboards and reports. If they would create their own tools for dashboard and report, it would be much better in terms of security purposes."
"The installation was a bit complex because we are running a virtual infrastructure."
"The security playbook could be pre-defined and available to other analysts with similar security issues."
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."
"It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources."
Amazon CloudWatch is ranked 12th in Log Management with 40 reviews while LogRhythm SIEM is ranked 8th in Log Management with 166 reviews. Amazon CloudWatch is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Amazon CloudWatch writes "Instantaneous response when monitoring logs and KPIs". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Amazon CloudWatch is most compared with Zabbix, Datadog, Google Cloud's operations suite (formerly Stackdriver), Dynatrace and SolarWinds NPM, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Microsoft Sentinel. See our Amazon CloudWatch vs. LogRhythm SIEM report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
