We performed a comparison between LogRhythm SIEM and Security Onion based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We now have a central point of monitoring for all potential threats."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"The user interface is good."
"The major feature of this solution is its easy configuration which helps different team members to work on it effectively. This kind of feature is not available in other solutions because of a request for specialised schemes for configuration report extraction and searching. Another feature that I really admire is the significant improvement in the compliance in the auditing process by the solution. Our organisation-specific complaints require where the mailbox data needs to be forwarded, stored and searchable for a certain time period. This solution categorises data based on different types, which include cold, warm and hot data. These features allow faster and easier extraction of any data even if the event was occurring several years ago. I also like other features, especially user behaviour analysis and automation. If suddenly someone accesses your side or an unusual traffic is recorded from a user the solution flags it very effectively."
"The initial setup is pretty easy."
"File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"As a SIEM, probably the best feature is that it can be tuned effectively. There are very few SIEMs out there that can be effectively tuned to provide you with meaningful information and not be overwhelmed."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Security Onion is the most mature solution in the market."
"We use Security Onion for internal vulnerability assessment."
"The console installation is an area with a shortcoming in the solution that needs improvement. If LogRhythm SIEM can offer a web console, it would be great."
"The web and on-premise console interface should be the same instead of having a separate engine for each."
"It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources."
"I would like to see support added for Exchange 2016, and CheckPoint OPSec Lea."
"It's not easy for someone new to the solution."
"My biggest issue - I know that they say they're doing it - is that the API-building is extremely important. They keep saying it's coming, it's coming. It's not coming fast enough. I don't care if they need to double their team size to get it out there quicker, the world is already in the cloud and we can't monitor it. That's a big problem for us. My boss keeps coming to me about it. That's an issue."
"Move it to Linux. I would like to see it get off the SQL Server."
"We've had issues with scaling and local support."
"The product is not easy to learn."
"The initial setup of the solution is a little bit difficult."
"Security Onion's user interface could be improved."
LogRhythm SIEM is ranked 7th in Log Management with 166 reviews while Security Onion is ranked 33rd in Log Management with 3 reviews. LogRhythm SIEM is rated 8.4, while Security Onion is rated 7.6. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and LogRhythm Axon, whereas Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Splunk Enterprise Security and Elastic Security. See our LogRhythm SIEM vs. Security Onion report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.