LogRhythm Security Intelligence Platform

LogRhythm uniquely combines enterprise-class SIEM, Log Management, File Integrity Monitoring and Machine Analytics, with Host and Network Forensics, in a fully integrated Security Analytics platform. The LogRhythm solution gives customers profound visibility into threats and risks in areas that were previously exposed. Designed to help prevent breaches before they happen, LogRhythm Security Analytics accurately detects an extensive range of early indicators of compromise, enabling rapid response and mitigation. The deep visibility and understanding delivered by LogRhythm Security Analytics empowers enterprises to secure their networks and comply with regulatory requirements. LogRhythm delivers:

  • Next Generation SIEM and Log Management
  • Independent Host Forensics and File Integrity Monitoring
  • Network Forensics with Application ID and Full Packet Capture
  • Advanced Correlation and Pattern Recognition
  • Multi-dimensional User / Host / Network Behavior Anomaly Detection
  • Rapid, Intelligent Search
  • Large data set analysis via visual analytics, pivot, and drill down
  • Workflow-enabled automatic response via LogRhythm’s Smart Response™
  • Integrated Case Management

LogRhythm Products Overview

Detect, prioritize and neutralize cyber threats that penetrate the perimeter or originate from within.

Security Intelligence

Modernize your security operations center with LogRhythm’s unified, award-winning capabilities.

Next-Gen SIEM

Intrusions happen, threats emerge. See them when they do and neutralize them fast.

Security Analytics

LogRhythm works to simplify the inherently complex so that you can see more, do more and protect more.

Next-Generation Log Management

You’re buried in data. Find the information you’re looking for fast with LogRhythm’s Elasticsearch™ indexing layer and big data analytics platform.

Network Monitoring and Forensics

Detect network-based threats with real-time network monitoring and big data analytics. Expedite investigations by giving your incident responders deep visibility.

Endpoint Monitoring and Forensics

Protecting the perimeter is no longer enough. Real-time endpoint monitoring can help you detect advanced attacks and insider threats.

LogRhythm Appliances

LogRhythm high performance appliances are built to deliver maximum flexibility, with options ranging from convenient all-in-one platforms to high-performance, dedicated appliances for massive scalability in extremely large environments. Because of LogRhythm’s distributed, incrementally scalable architecture, deployments can scale horizontally and vertically by simply adding appliances. Regardless of the performance, storage or geographic requirements, LogRhythm is architected for flexible and efficient scaling.

LogRhythm Event Manager (EM)

LogRhythm EM appliances provide centralized event management and administration for a LogRhythm deployment. Each LogRhythm deployment has a single LogRhythm Event Manager, with an embedded Advanced Intelligence (AI) Engine License.

  • Appliance Lines: 3300, 5300, 6300

LogRhythm Log Manager (LM)

LogRhythm LM appliances provide high-performance, distributed and redundant log collection and management. Log Managers scale incrementally and can be configured to fail over. Each LogRhythm deployment has at least one Log Manager.

  • Appliance Lines: 3300, 5300, 7300
  • Max Archiving Rates: 10,000 MPS, 25,000 MPS, 50,000 MPS
  • Max Processing Rates: 2,000 MPS, 5,000 MPS, 15,000 MPS

LogRhythm All-in-one (XM)

LogRhythm XM appliances provide all the capabilities of the EM and LM appliances on the same platform. Many deployments begin with an XM configuration, providing a high-performance solution in a single turn-key appliance. An XM appliance can be combined with additional LM appliances to enable fault tolerance and increase the overall capacity and performance of a LogRhythm deployment. Every XM appliance comes with an embedded AI Engine License.

  • Appliance Lines: 4300, 6300
  • Max Archiving Rates: 10,000 MPS - 25,000 MPS
  • Max Processing Rates: 1,000 MPS - 5,000 MPS

LogRhythm Dedicated AI Engine (AIE)

LogRhythm AIE appliances deliver high-capacity, automated correlation and behavioral analysis of all data in real time, delivering immediate visibility to threats and critical issues that would otherwise go undetected.

  • Appliance Lines: 5300, 7300, 9300
  • Max Processing Rates: 5,000 MPS, 30,000 MPS, 75,000 MPS

LogRhythm Network Monitor (NM)

LogRhythm NM appliances provide full visibility into network traffic. They identify applications via deep packet inspection, provide real-time unstructured search access to all metadata and packet captures, and optionally forward layer 7 flow data to the SIEM and other integrated solutions for further analysis.

  • Appliance Lines: 3300
  • Max Processing Rates: 1 Gbps

LogRhythm Site Log Forwarder (SLF)

LogRhythm’s optional SLF appliances collect all log, flow and machine data for secure transport from remote locations to LogRhythm LMs. SLFs additionally manage bandwidth consumption via collection scheduling and/or compression of transmitted data.

  • Appliance Lines: 3310