We performed a comparison between Datadog and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features that stand out are the detection engine and its integration with multiple data sources."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"The fact that everything is under a single pane of glass is really valuable, as developers don't have to spend their time copying correlation IDs across tools to find what they need."
"The monitoring functionality, in general, and tagging infrastructure are great."
"The integration and configuration are incredibly simple. The SaaS offering is remarkably easy to set up, especially if you're coming from a Graphite environment or anything that uses a StatsD."
"Datadog is easy to use and easy to deploy. It's a better solution compared to others on the market in terms of being budget friendly for our customers."
"Datadog dashboards are pretty great."
"Its integration is most valuable because you can integrate it with various service providers such as AWS, .Net, etc."
"Datadog documentation on web pages has improved a lot and is pretty easy to follow and find."
"The solution allows flexibility and heightened observability for presenting data, creating indicators, and setting service-level objectives."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"We can integrate threat intelligence solutions into the product."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"The playbook is a bit difficult and could be improved."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"The on-prem log sources still require a lot of development."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"I found the solution to be stable, I did not experience any bugs or glitches. However, some of the managing team did."
"Billing should be more transparent."
"When the logs are too big, and Datadog splits them, the JSON format breaks and it is not so useful for us."
"The on-premise version is very difficult to upgrade."
"For three to four months, we have been experiencing real-time delays. For example, if we're monitoring incoming traffic, the real-time status should be displayed up to a certain point. However, due to delays or issues with Datadog, the real-time data might only be updated at an earlier time. We are experiencing consistent delays in data updates from Datadog, with the most recent data often being delayed by about an hour. This issue has been ongoing for the past four months."
"I'm still exploring the trial version, and it is fine. One thing that I haven't been able to figure out is how to retrieve a report. This is something that could be improved. I probably need to navigate to a place to access the reports."
"Datadog has a lot of features kind of cramped into one dashboard. It's quite hard to get around what feature does exactly what. There was a steep learning curve, trying to navigate through menus."
"The current way accounts are billed could be vastly improved - especially when involving multiple organizations across multiple accounts in combination with reserved commitments."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
Datadog is ranked 3rd in Log Management with 137 reviews while Sumo Logic Security is ranked 20th in Log Management with 18 reviews. Datadog is rated 8.6, while Sumo Logic Security is rated 8.6. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and Elastic Observability, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Grafana Loki. See our Datadog vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.