This week’s review roundup is a selection from recent reviews of Security Information and Event Management (SIEM) solutions written by IT Central Station community members. 
Our community members have shared a range of informative reviews, giving readers real user experiences of these IT solutions. Making sure you use the right SIEM solution can be critical to the smooth operation of your business – SIEM technology provides real-time analyses of security alerts and is also useful in logging security data and generating reports. Read what our real users have to say about these SIEM solutions:
Splunk - “The most valuable feature for me is alerting. Using Splunk, production support teams can retrieve salient logging data from massive distributed systems in seconds…The initial setup was complex – need to identify source types in advance, and a large deployment with multiple indexers can be tricky. We initially implemented in-house, and then through Splunk themselves to upgrade and improve. Before implementing Splunk we used an in-house system, but Splunk offered far more to us. Also, their customer service is good and their technical support is excellent. Our ROI was big!” Read the full Splunk review.
ArcSight - “ArcSight functions to integrate all network & security logs. It’s very easy to use and thus real time monitoring has become easy by implementing active channel with all correlated alerts. SOC can monitor these correlated alerts and take action on them. ArcSight uses Oracle DB, which is a bit slow for read/write functions and the main downside to this product.” Read the full ArcSight review.
LogLogic - “You can collect almost any type of log from almost any platform or source. Documentation is extensive with excellent cookbooks. Implementation is very simple and fast. GUI is very intuitive. Platform is stable (max uptime is almost 2Y). There is a large number of predefined reports. Response to problems was significantly faster. We quickly discovered the cause of the problem and also we have wasted less time on periodic reporting for auditors…Other vendors have gone a lot further in developing SIEM functionality. [Initial Setup] was surprisingly straightforward. After setting up network and initial parameters, the only thing remaining is to redirect logs from source to appliance. All supported log types are automatically recognized and that was great! All together that’s about two hours of work.” Read the full LogLogic review.
Visit IT Central Station to read more reviews of SIEM solutions, including Solarwinds, and Q1 Labs.
The post Splunk vs. ArcSight vs. LogLogic: SIEM Review Roundup appeared first on Enterprise Tech Central.
