Strengths: Provides granular analysis features, such as replay and geolocation to track events.
Weaknesses: None that we found.
Verdict: For its excellent functionality, we make this our Recommended product this month.
The LogRhythm appliance offers some very powerful functionality for log management and security event management. This product is designed for the large enterprise and distributed environments. With features that include log management and analysis, file integrity monitoring, event management, network and user monitoring, and geolocation tracking, this product can provide the detail needed for in-depth security event analysis.
The appliance comes preloaded with all the necessary software for the LogRhythm platform, including Microsoft Server, SQL Server, and all the LogRhythm components, so there is no actual installation to be done. A short Windows setup wizard is all it takes, and the appliance is ready to go. After the appliance is set up, all management and configuration are done through the management console. We found this console to be easy to navigate with a well-organized layout. The dashboard itself includes a wealth of information that is quite easy to drill down into and view.
This product is all about detail. Every alert, chart or graph can be clicked on and drilled into. This appliance provides a great amount of depth and allows for going all the way into the source log data. To get a closer look for analysis, there is also the ability to use replay to go back and analyze past events as they happened.
Documentation included a short quick-start guide, which outlines how to get the appliance up and running, and a much larger PDF administrator guide. We found the administrator guide to be well-organized with clear step-by-step instructions and configuration examples, as well as many screenshots and diagrams.
LogRhythm offers 11/5 phone and email support at a cost of 20 percent of the purchase price of the appliance annually. 24/7 support is available at a cost of 30 percent. Customers also have access to a support portal that includes documentation, software patches and other support resources.
At a price of $25,000, this product may seem quite pricey, but we find it to be a great value for the money. The LogRhythm appliance offers a solid feature set with a lot of granular analysis capability.