We performed a comparison between Grafana Loki and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The initial setup is very simple and straightforward."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The best feature of Grafana Loki is that it integrates well with our other tool."
"The most valuable feature of Grafana Loki is the dashboards which are really simple to create."
"The effectiveness of filters is pivotal for optimizing the search process and extracting the specific information we need from the extensive log data."
"The most valuable feature of the solution is the tool's GUI. The solution's GUI is very user-friendly."
"The log collection feature is good and the solution is easily understandable. v"
"The most valuable features of the solution stem from the fact that it is an open-source tool that is stable and flexible."
"The solution's stability has never been a problem. Stability-wise, I rate the solution a nine to ten out of ten."
"I appreciate the capability to process logs from microservices and seamlessly integrate them into Grafana."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"We are able to diagnose problems before our customers."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"The solution is quite stable."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"Enhancing speed could be a game-changer, and while it might vary depending on the application, it's a factor worth exploring."
"There is a need for some change in the alerting types of the product. In short, a few changes in the alert area are needed due to minor shortcomings."
"Visualization-wise, Grafana Loki's dashboard looks a little outdated compared to other open-source visualization tools like Chronograf."
"We had a well-structured dashboard with a functional query. However, an issue arose when the Kubernetes pod restarted. The statistics from our Grafana query would reset, dropping to zero and starting anew. This was particularly noticeable with linear graphs, which are expected to show consistent growth."
"The solution's scalability depends on the team managing the Grafana instance."
"The correlation of requests is not simple in Grafana Loki and can be improved."
"In Grafana Loki, the creation of metrics is not so easy, making it an area that could be made easier."
"The product must improve its UI."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"Sumo Logic Security is expensive, and its pricing could be improved."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"The initial setup is the most stressful, like learning how to use it."
"Sumo Logic needs to make sure integrating solutions are seamless."
Grafana Loki is ranked 13th in Log Management with 12 reviews while Sumo Logic Security is ranked 20th in Log Management with 18 reviews. Grafana Loki is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Grafana Loki writes "Effective for Logging, recovery from node failures is fast and single UI supports metrics, logs, and even tracing". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Grafana Loki is most compared with Graylog, Wazuh, syslog-ng, Splunk Enterprise Security and Coralogix, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Google Chronicle Suite. See our Grafana Loki vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.