Ranked in these QuestionsQuestion Ranking
Pro Average repair time is heavily reduced by scripted responses
Proactive, automated remediation of problems that always take way too long to find and solve are easily and actively repaired by using scripted responses.
Pro Integrates with many third-party services
They have a "Trigger" interface which lets you set alerts, send to email, send to Slack (Webhooks) and also can send to scripts which lets you do just about anything imaginable such as looking up other sources of information about an event (device info, last 5 logins, change management, etc.).
Pro The dashboards are great
You can see the data in real time and choose what you want to see. You can also create several dashboards (easy to create) to get all the views of your data, allowing you to be proactive with your network.
Pro Easy to install
LogZilla can be installed with a single command and usually takes less than ten minutes to install.
Pro Great usability
Logzilla gives users the ability to pull real time data sorted by host severity and lets users watch actual network events come through.
Pro Relatively low cost
Pro Unlimited retention
Patented deduplication means that 120TB of data may be as little as 6 TB (95% reduction) with zero bytes lost.
Pro Lets you create custom reports
LogZilla lets you create lots of customized reports including Top Hosts, Top Errors, Top Security Violations, etc. It is also useful for generating compliance reports to support PCI, HIPAA and other auditable requirements.
Pro Log spike flooding does not take down the logging system
There have been instances where the flood increased almost 17,000 more logs per second with no performance degredation.
Con Poor customer support
Support is lacking and not as responsive as would be desirable.
The system is self-hosted and complicated to setup.
You must purchase a license that is based on the number of messages sent. This quickly becomes more expensive. Additionally, the pricing is not public, you have to reach out to them to get pricing for your specific setup.
Con Interface is hard to use
The interface is very data centric, which is good, but it is hard to use and often confusing. Many times actions result in no data or errors.