キャプテラ - 日本企業の最適な
ソフトウェア選びをサポートし18年
LogRhythm Log Managementとは
ビジネスがマシンベース分析、ユーザーとエンティティの行動分析 (UEBA) などによってサイバー脅威を検知および克服するのを支援するサイバーセキュリティ管理ツール。
Log Rhythm is best in incident Management and response, its AI Engine capability, log storage and it architecture which gives wide scope to integrate as many tools and pull the as many logs.
Once the last veteran CSM quit, Logrhythm appeared to stop trying. This is largely because the Open Collector, which had been announced as the future has never panned out.
レビューを絞り込む (10件)
Has fallen
製品を使ってみた感想: LogRhythm has been a solid part of our security portfolio. It has provided insight into our infrastructure that we didn't have previously, but the world and the company have changed and we will be migrating to an MDR solution once our support expires.
良いポイント:
Licensing per messages vs log volume per day sold us. Splunk charges per volume, with is fair with syslog, but death with verbose Windows logs. Centralized log collection and analysis was what we purchased it for over 5 years ago. We've utilized more of the security features as time has gone by. It performs these well. Once the application interface is mastered, investigations are straightforward and gives insight to the schema. The web console is easy to use in general, but complex searches and investigations are not intuitive. Great when I want to run a quick ad hoc search and useful when I set up a custom search to aid other's troubleshooting.
改善してほしい点:
Many log parsers are weak and customization is frequently painful and once customized, no longer supported. Tech support started out great, but has fallen dramatically due to rapid growth to the point it's hit or miss and now typical of what I run into with enterprise software. Integration with Bitdefender Cloud was painful and took a huge effort on my part to get both parties working together. Once the last veteran CSM quit, Logrhythm appeared to stop trying. This is largely because the Open Collector, which had been announced as the future has never panned out. The methodology for bulk addition of a log source type hasn't worked for me. I established this as a bug, but to date, hasn't been resolved to my knowledge. The alternative is importing from a csv file that requires building a template by trial and error or manually adding the parser to each endpoint through a clunky manual process.
Best SIEM tool for Enterprise customers with best incident automation response capabilities in it.
製品を使ってみた感想: Log Rhythm does work excellent in terms correlation of events from all devices and works well in incident handling and threat hunting. It may through issue in terms of storage, EPS and crashing services sometimes but on overall perspective it works well for Enterprise customers in handling SOC operations daily with large team.
良いポイント:
Log Rhythm is best in incident Management and response, its AI Engine capability, log storage and it architecture which gives wide scope to integrate as many tools and pull the as many logs.
改善してほしい点:
Log Rhythm is not east in deployment due because of its wide components, maintenance required well trained security engineers for it specifically and from operations point handling on daily basis which crashes frequently.
Excellent SIEM Solution For Your Organization
製品を使ってみた感想: We were implemented LogRhythm in last year. It needs minimum 128GB RAM for perfect performance. Because it needs to analyze lot of logs. The dashboard and features are very good. I would like to say the log management is excellent.
良いポイント:
It has a user-friendly dashboard. Therefore, even a beginner can easily understand and monitor the dashboard. Also, I like to dark theme of the LogRhythm.
改善してほしい点:
Actually, the correlation is a little bit difficult thing. So, you should have a good knowledge of that. Also, somewhat expensive when compared with other similar products.
Pricey but Feature Full
製品を使ってみた感想: Great tool, well presented. Primarily being used for log correlation and CSOC monitoring allowing effective real-time monitoring of company infrastructure and security incidents.
良いポイント:
Customizable, allowing for the custom parsers for log sources to be implemented along with 'logic based' customer rules to be created. For example, if 'X' happens within 10 minutes of 'Y'
改善してほしい点:
The pricing. The price of this tool negates many smaller companies purchasing.
Log Management Solution with Plethora of Options
製品を使ってみた感想: It was purchased as a checkbox for us for PCI compliance but overall it's done rather well for us.
良いポイント:
It was competitively priced compared to other SIEM solutions and they helped with the entire deployment so that was greatly appreciated.
改善してほしい点:
While there is a lot of options to this software that also makes it it's downfall, it's quite overly complex I think. Almost enough running parts that it requires a whole semester of a class to go over everything and get used to using it.
Best Enterprise Grade SIEM Solution.
製品を使ってみた感想: LogRhythm is the main SIEM solution we are currently using in securing the enterprise environment.
良いポイント:
LogRhythm is one of the best SIEM solutions i have used so far. it provide security analysts ability to perform quick drill down investigations and do deep analysis of the security incidents. It has a easy to use UI design and performing investigations on the LogRhythm is very easy. Quick filters in the investigations are also very helpful in investigations.
改善してほしい点:
Product implementation is somewhat difficult and we faced some log parsing issues when the logs were forwarded from Arcsight SIEM log forwarder to the LogRhythm log Collectors.
Excellent product
良いポイント:
This product is amazing. Many features & a very powerful tool. Excellent community and support is brilliant.
改善してほしい点:
Does take a bit of time to understand the product and it also takes time to fine tune the system.
From Initial Contact With Vendor To Implementation, Every Aspect Has Exceeded Expectations
製品を使ってみた感想: From initial contact with vendor to implementation, every aspect has exceeded expectations. Sales rep was very thorough in making sure product was a great fit for our needs. Implementation and scheduling was right on track and completed on time. We reviewed 7 different enterprise class SIEM platforms and LogRhythm really stood out above all others.
良いポイント:
Ability to integrate all the major product and services logs, as well as support for all the one offs.
改善してほしい点:
It's a little overwhelming learning all the features and how to's, but once you do it for a while, all is good.
Logrhythm
製品を使ってみた感想: Good company with good support, and the product is solid overall.
良いポイント:
Pretty easy to use as far as SIEM's go. Much faster than our previous log collector.
改善してほしい点:
Takes some getting used to the interface and learning your way around the software
High Five!!
良いポイント:
LogRhythm gives people a place to grow in their career for real. No fake at all
改善してほしい点:
Nothing at all. No complains about it.