LogRhythm Platform Comparison (On-prem vs LogRhythm Cloud)
Capability | LogRhythm on-prem | LogRhythm Cloud | Notes |
Entity, Network and Host Management | Yes | Yes | |
AIE Rule creation | Yes | Yes | |
Knowledge Base | Yes | Yes | |
UEBA | Yes | Yes | |
NDR | Yes | Partial | Integration with on-premise Network Monitors to retrieve PCAP in the Web Console is not supported. |
TIS – Open Source & Commercial | Yes | Yes | |
API access - Internal | Yes | Yes | The REST API is available. The SOAP API is not. |
AD integration | Yes | No | Affects Windows Host Wizard and Lists based on AD Groups. Workarounds available. User management has moved to Single Sign On. |
Single Sign On (SSO) | Yes | Yes | |
Full Log Collection | Yes | Yes | |
Data Archiving | Yes | Yes | |
Reporting | Yes | Yes | |
Case Management | Yes | Yes | |
High Availability | Yes | N/A | |
Disaster Recovery | Yes | N/A | |
Web Console | Yes | Yes | |
Custom Dashboards | Yes | Yes | |
MPE Rule Creation | Yes | Yes | |
SmartResponse | Yes | Yes, from Agent | |
Playbooks | Yes | Yes | |
Direct SQL Access | Yes | No | Direct SQL Access is unavailable. As such, the following tools are unsupported: Echo, Kibana integration. |
| Cloud to Cloud log collection | No | Yes |