Sumo Logic Security and Grafana Loki are two contenders in the security and data monitoring landscape. Users generally find Grafana Loki offers valuable features worthy of its price, positioning it as a superior product due to its comprehensive open-source capabilities and robust performance in handling logs compared to Sumo Logic Security.
Features: Sumo Logic Security provides advanced analytics, integrations with third-party tools, and support for various data sources for security monitoring. Grafana Loki focuses on log aggregation, visualization capabilities, and performance in Kubernetes environments.
Room for Improvement: Sumo Logic Security users suggest better data integration breadth, more user training support, and enhancements in analytics. Grafana Loki users recommend improvements in log querying, clearer documentation, and faster user-driven feature developments.
Ease of Deployment and Customer Service: Sumo Logic Security gets praise for straightforward deployment and responsive support, helping users in the deployment journey. Grafana Loki requires initial setup expertise, but has strong community support to complement deployment.
Pricing and ROI: Sumo Logic Security offers competitive pricing models with integration benefits for enterprises. Grafana Loki delivers high ROI with its minimal costs due to the open-source model, being recognized as cost-effective, though Sumo Logic's structured setup fits organizations needing extensive support.
Loki leads to significant cost savings by reducing server downtime and aiding engineers in prompt issue resolution.
We have saved 64 hours of our time overall.
The return on investment I have seen with Sumo Logic Security in the past year and a half is tough to quantify, but I would estimate it has hit the milestones we set internally for return on investment.
We have not had to open any tickets yet, as we solve issues through forums and wikis.
I usually do not use official support; I typically rely on community blogs and forums for support of Grafana Loki.
They have a response time of forty-eight hours, which is not instant support.
In general, they usually provide continuous support post-implementation, being in touch and trying to help, which makes their after-sale process better than Splunk.
Sumo Logic Security has really good customer support.
Loki offers great scalability, allowing us to manage and compress logs extensively.
Sumo Logic Security scales up automatically because it is a cloud-native SIEM, and I do not need to worry about hardware clusters or capacity planning.
The tool has high scalability because everything is based in the cloud.
I did not face any significant issues with Sumo Logic Security, but the pricing may be a concern as they try to upsell and raise the prices very quickly.
If there are many records, the system may stop or the UI may become unresponsive.
The query language is pretty straightforward and easy, and it is very powerful for building different searches and dashboards that will serve for later exploration of the same interests I have.
It operates very well as a cloud-native SaaS platform with high availability, and there is no downtime that I have experienced.
Improvements could be made in the enablement of the product, addressing the complexity of implementing these tools.
It would be beneficial if Loki could directly access Windows Server logs or events directly from the servers.
This can lead to alerts that are collections of disjointed signals that sometimes make no sense and lack real context; this simplistic approach makes it hard to find coherent stories during investigations.
I would also appreciate the AWS automation integrations to be more secure because currently, they are using access keys, which involves a user rather than roles, which is the security best practice recommended by AWS.
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk.
The cloud version is competitively priced compared to other market solutions.
Since it is an open source tool, there are no charges or fees.
This makes it more cost-effective because other solutions often include a third element in their pricing.
From one to ten, where one is cheap and ten is expensive, I would put Sumo Logic Security at a seven.
If you go to the well-known vendors such as Azure Sentinel or other tools like Splunk, you are going to find them costly since they are well-known and they have much more integration compared to Sumo Logic Security.
It provides a clear picture about the state of the system and gives needed information for taking action and quickly fixing problems.
Grafana Loki is notably cost-effective.
The most valuable part of Loki is the ability to filter logs by keywords and devices.
The features I find most useful in Sumo Logic Security are the ease of implementation and connectors; they have a very easy connection and many connectors to important systems, making it very easy to implement and fast to start running in production.
They are able to save time on fewer alerts because we are able to perform tuning on the logs to be able to only get relevant or security relevant incidents.
My SOC analysts were crushed under Splunk, but Sumo has actually eased the workload and made it tolerable for three people.
| Product | Mindshare (%) |
|---|---|
| Grafana Loki | 3.5% |
| Sumo Logic Security | 1.3% |
| Other | 95.2% |
| Company Size | Count |
|---|---|
| Small Business | 7 |
| Midsize Enterprise | 8 |
| Large Enterprise | 4 |
| Company Size | Count |
|---|---|
| Small Business | 7 |
| Midsize Enterprise | 5 |
| Large Enterprise | 14 |
Grafana Loki is an efficient log aggregation system known for simple setup and integration with Grafana, supporting seamless log monitoring and data visualization across environments.
Grafana Loki is a lightweight, open-source log monitoring tool that simplifies the process of dashboard creation and log collection. It offers strong integration capabilities with platforms like Kubernetes and Grafana, enhancing log collection and alert systems while ensuring cost-efficiency. Its strength lies in its robust platform for gathering detailed log data to visualize infrastructure and API performance efficiently. While it supports storing data on object-based storage across clusters, it does have areas needing improvement, such as request correlation, metric creation, and enhanced alerts. Security, dashboard intuitiveness, and Docker performance are also slated for refinements. Deployment challenges exist in environments like ECS, and older versions might experience bugs. Enhancing visualization and easing production setups would further benefit users.
What are Grafana Loki's key features?Grafana Loki finds widespread use in industries requiring comprehensive log monitoring and performance analysis, particularly in technology and infrastructure sectors. It proves essential for system health checks, device security, and network performance monitoring, aiding businesses in accessing and analyzing logs efficiently. Organizations utilize Grafana Loki to monitor system and Docker logs, optimizing performance while visualizing key data for informed decision-making.
Sumo Logic Security offers efficient event monitoring with customizable alerts, centralized log search, and real-time threat detection. It supports multi-cloud environments and integrates with threat intelligence, reducing workload with AI-driven analytics.
Sumo Logic Security empowers organizations with advanced logging and monitoring solutions, facilitating comprehensive security event management. Its robust log search and comparison features, combined with user-friendly dashboards, enable quick event analysis. The platform's multi-cloud support and real-time threat detection are notable features, seamlessly integrating automated log correlation and AI analytics to optimize user experience. Despite needing enhancements in querying and dashboard functionalities, Sumo Logic Security remains a reliable choice for application log management, IT asset visibility, and incident alerting. Organizations utilize it for threat detection, posture monitoring, and compliance audits, in platforms like AWS, focusing on security insights and performance monitoring.
What are the key features of Sumo Logic Security?Organizations in industries like finance and technology implement Sumo Logic Security to maintain security and compliance, leveraging its advanced monitoring and alerting capabilities. Teams focus on application troubleshooting and forensic analysis, ensuring robust security posture and effective incident response across cloud-based environments.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
