We changed our name from IT Central Station: Here's why

LogRhythm Enterprise UEBA OverviewUNIXBusinessApplication

What is LogRhythm Enterprise UEBA?

LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).

LogRhythm Enterprise UEBA was previously known as LogRhythm CloudAI, LogRhythm UEBA.

Buyer's Guide

Download the User Behavior Analytics - UEBA Buyer's Guide including reviews and more. Updated: January 2022

LogRhythm Enterprise UEBA Customers


LogRhythm Enterprise UEBA Video

LogRhythm Enterprise UEBA Pricing Advice

What users are saying about LogRhythm Enterprise UEBA pricing:
  • "The pricing is nice when compared to other products in the industry."
  • "Licensing is on a yearly basis. It's not expensive compared to its competitors."
  • LogRhythm Enterprise UEBA Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    ITCS user
    Team Lead - Network and Security at Connex Information Technologies
    Real User
    Top 5Leaderboard
    Good file and registry activity monitoring capability, and the support team is helpful
    Pros and Cons
    • "The most valuable features are file activity monitoring and registry activity monitoring."
    • "It would be helpful if there were more guidance provided for integrating with unsupported devices."

    What is our primary use case?

    We are a solution provider and this is one of the products that we implement for our clients.

    Customers in Sri Lanka generally purchase this product for network monitoring. 

    How has it helped my organization?

    Implementing this provides greater visibility into the network, as well as client activities.

    What is most valuable?

    This solution is really easy to configure.

    The most valuable features are file activity monitoring and registry activity monitoring. Users like to have insight as to what is being modified while certain processes are running.

    There is a large number of supported devices.

    What needs improvement?

    It would be helpful if there were more guidance provided for integrating with unsupported devices.

    For how long have I used the solution?

    I have been working with this solution from LogRhythm for about three years.

    What do I think about the stability of the solution?

    We have had no bugs, glitches, or other problems with stability.

    What do I think about the scalability of the solution?

    Scalability has not been an issue for us.

    How are customer service and technical support?

    I have been in contact with technical support and they are really good. They have guided us when we've had problems with misconfiguration.

    How was the initial setup?

    It took us about a month and a half to deploy this solution. The first month involved the setup and then there were two weeks of fine-tuning. In total, after six weeks we were able to bring up the system without any issues.

    The deployment for our customers is usually on-premises, although there is a cloud version as well.

    What's my experience with pricing, setup cost, and licensing?

    The pricing is nice when compared to other products in the industry.

    What other advice do I have?

    Overall, this is a really good product and I recommend it.

    I would rate this solution an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
    Cyber Security Consultant at a tech services company with 1,001-5,000 employees
    Reseller
    Top 5
    Has many valuable features but consumes too many resources
    Pros and Cons
    • "It has a lot of features. It has file integration monitoring."
    • "It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."

    What is our primary use case?

    Our primary use case is to identify the identities and anomalous user behavior and to enhance visibility. 

    What needs improvement?

    It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved. 

    For how long have I used the solution?

    I have been using LogRhythm Enterprise UEBA for five years. 

    What do I think about the scalability of the solution?

    The scalability is quite good. We don't have any issues with it. The only problem is that the agents consume too much memory and system resources. The memory and resource consumption is high. 

    How are customer service and technical support?

    We have contacted technical support. On a scale from one to ten, I would rate them a six. They respond but it's time-consuming to contact support. We repeatedly call them and they don't respond. They're not as good as other support in the industry. 

    How was the initial setup?

    It's straightforward. It takes a few days to find anomalies and abnormal behavior. In general, it's of medium level complexity. 

    What's my experience with pricing, setup cost, and licensing?

    Licensing is on a yearly basis. It's not expensive compared to its competitors. 

    Which other solutions did I evaluate?

    We also evaluated CrowdStrike. 

    What other advice do I have?

    I would rate it a seven out of ten. 

    I would recommend this solution so long that LogRhythm does something about the memory and resource consumption. It has a lot of features. It has file integration monitoring but when it's applied it consumes too many resources. It's a big problem with the agents. 

    They should improve the interface to make it a better rating. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller