We compared Fortinet FortiAnalyzer and LogRhythm SIEM based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"The log analysis and reporting are both quite good."
"The most valuable feature is the capability to gather logs and generate reports."
"The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer clusters groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale."
"The traffic log information we receive from Fortinet FortiAnalyzer is valuable."
"The program is stable and it gives me great visibility."
"I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports."
"One of the greatest advantages of Fortinet FortiAnalyzer is its ability to integrate with a variety of software and solutions, providing comprehensive visibility into the network. The solution's strength lies in its capability to work with Fortinet's own products, such as the FortiAP access point, which allows for deep monitoring, automation, correlation, and incident management. However, this functionality is not present when utilizing other products, such as those from Cisco, limiting the visibility and benefits that can be gained."
"Stability-wise, I rate the solution a ten out of ten since, in our company, we have never experienced the solution crashing or having any other issues."
"It has centralized monitoring for our security operations. Therefore, it improves our analysts' work."
"As a SIEM, probably the best feature is that it can be tuned effectively. There are very few SIEMs out there that can be effectively tuned to provide you with meaningful information and not be overwhelmed."
"The initial setup process is very user-friendly."
"Technical support has always been helpful."
"We now have a central point of monitoring for all potential threats."
"Its ability to work with all different sorts of log sources has been extremely valuable."
"The ability for me to go into the Web UI, and just learn what's going on in my environment."
"The most valuable features would be the automation, reporting, and the support."
"The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."
"Pricing-wise, it not affordable for the normal customer. Most of the people want to see different types of reporting, but FortiAnalyzer's fee is a little bit difficult."
"The solution should include the ability to customize reports so that customers receive greater value and high level reporting."
"It should have customized reports as well. While it currently has them, you need to write a script which is not straightforward."
"When somebody is new to the system they find it difficult to perform certain operations, like backups, and to see where the reports are."
"The technical support takes at least two days to reply on any ticket post raised on their website."
"Fortinet FortiAnalyzer needs to improve its pricing flexibility."
"I'm looking for something more efficient to analyze different foreign things. That's why FortiSIEM could compete with FortiAnalyzer."
"I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have to the antivirus admin password to do that."
"I would like to see case management become more independent from LogRhythm itself."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"The solution is likely not the best option for a smaller organization."
"The initial setup is not so easy because it is quite a process."
"We're still struggling to get a real return on it and finding something that isn't false noise."
"I would like to see support added for Exchange 2016, and CheckPoint OPSec Lea."
"The responses provided by the cloud team are inefficient."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 85 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. Fortinet FortiAnalyzer is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, Grafana Loki and Datadog, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Elastic Security. See our Fortinet FortiAnalyzer vs. LogRhythm SIEM report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.