# Falcon Next-Gen SIEM Reviews **Vendor:** CrowdStrike **Category:** [Log Analysis Software](https://www.g2.com/categories/log-analysis) **Average Rating:** 4.2/5.0 **Total Reviews:** 20 ## About Falcon Next-Gen SIEM Falcon Next-Gen SIEM stops breaches by unifying data, threat intelligence, and workflow automation on one complete AI-native SOC platform. Built from the ground up around a modern security analyst experience, it amplifies the speed and efficiency of incident response. Your team can search up to 150x faster and scale to 1PB/day of data ingestion while achieving 80% cost savings compared to legacy SIEMs. CrowdStrike Falcon Next-Gen SIEM uncovers threats instantly with real-time threat detection, live dashboards and world-class intelligence. AI-assist features transform your entire team into experts by visualizing incidents in an elegant graph and automating manual investigation steps. For the first time ever, you can unify security on one platform to hunt down and eliminate fast-moving threats and achieve compliance. ## Falcon Next-Gen SIEM Reviews ### 1. Powerful SIEM That Delivers, But Expect a Learning Curve **Rating:** 4.5/5.0 stars **Reviewed by:** Aman D. | Artificial Intelligence Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** May 26, 2026 **What do you like best about Falcon Next-Gen SIEM?** What I like most is that everything is in one place. Before, we were constantly jumping between tools, and things would get missed. Now, logs and alerts from different sources come together in one view, and it actually makes sense when you look at it. The correlation engine is honestly what sold me. It automatically picks up connected events—things our team would have spent hours trying to piece together manually. The search speed is no joke either: even with massive log volumes, you get results quickly, which makes a huge difference during a live incident. Overall, it’s made our investigations faster and given the team much better visibility, without adding extra complexity to our workflow. **What do you dislike about Falcon Next-Gen SIEM?** The interface can feel like a lot when you are just getting started — it is not the most intuitive for newer team members and takes some getting used to. Detection rule setup and fine tuning took way longer than we expected, mostly trial and error in the beginning which ate into time we did not really have. On the support and onboarding side, better guided walkthroughs would have saved us a lot of headaches early on. Pricing is also on the higher side which for smaller teams is worth thinking about before committing. The AI driven detections are impressive but honestly take some experience to fully understand and act on. Integrations work well overall but initial configuration is not always as plug and play as you would hope. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Alert fatigue was honestly our biggest headache before this. Too many tools, too much noise and the team was burning out trying to keep up. Falcon Next-Gen SIEM brought everything under one roof and suddenly we could actually see what was going on without drowning in irrelevant alerts. The automatic event correlation has been a game changer for us. Things that would have taken the team hours to piece together manually now surface on their own. During incidents the fast search means we are not sitting around waiting — we get to the root cause quickly and respond before things escalate. Overall it has saved us a significant amount of time and given the whole team much more confidence in our security coverage. ### 2. Fast, Intuitive SIEM with Seamless Falcon Suite Integration **Rating:** 4.5/5.0 stars **Reviewed by:** Darsh A. | Cyber Security Consultant, Small-Business (50 or fewer emp.) **Reviewed Date:** May 22, 2026 **What do you like best about Falcon Next-Gen SIEM?** Falcon Next-Gen SIEM works well with other Falcon Suite products and provides a unified platform, which makes it easy to detect and investigate events. Data onboarding and parsing are very straightforward, and event searching is extremely fast. The charlotte AI makes it easy to create detection rules. The pricing is very low compared to its competitors. UI/UX of falcon platform is very intuitive and CrowdStrike provides excellent support with fast response to any issues. **What do you dislike about Falcon Next-Gen SIEM?** The customizability of the product is very low and the documentation is not much detailed. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** It provides us an extremely fast and stable platform where we onboard first party endpoint data, as well as third part data. As it comes integrated with XDR and SOAR, all our use cases are fulfilled with single platform and that too with low pricing. ### 3. Centralizes Security and Boosts Efficiency **Rating:** 4.5/5.0 stars **Reviewed by:** Ajayrajsinh V. | Observability Engineer, Computer Software, Small-Business (50 or fewer emp.) **Reviewed Date:** May 29, 2026 **What do you like best about Falcon Next-Gen SIEM?** I like Falcon Next-Gen SIEM for its real-time visibility across the environment, which keeps investigations simple and efficient. The main advantage is that it pulls data only once and shares that data across multiple modules, like cloud endpoint or SIEM. Its search performance is fast, and the interface is easy to navigate. The CrowdStrike out-of-the-box connectors make data onboarding very easy. These features help us reduce the time spent searching through large volumes of security data and investigating incidents. Real-time visibility allows us to identify potential threats as they occur, while fast search capabilities make it easy to quickly find relevant events during investigations. The intuitive interface also helps analysts work more efficiently. Additionally, the initial setup is pretty easy and straightforward, as it's a SaaS-based solution. It delivers strong visibility and fast access to data, helping teams respond to threats more quickly and confidently. **What do you dislike about Falcon Next-Gen SIEM?** First of all it has less set of commands for query and also it doesn't give flexibility to create our own custom commands based on our needs. The Falcon Foundry is tricky so creating your own application is a bit hard compared to other platforms. Also, the documentation is also limited and inside the platform only. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Falcon Next-Gen SIEM centralizes and analyzes logs from multiple sources, solving log visibility, threat detection, and incident investigation challenges. Its fast search performance and real-time visibility improve our efficiency in monitoring security events and responding to threats quickly. The intuitive interface boosts search and investigation efficiency. ### 4. Fast Search, Seamless Integration, but Learning Curve Present **Rating:** 4.0/5.0 stars **Reviewed by:** Deep P. | SIEM Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** April 30, 2026 **What do you like best about Falcon Next-Gen SIEM?** I really like the fast search capability of Falcon Next-Gen SIEM, which lets me quickly pivot across large volumes of logs during investigations without delays. The seamless integration with endpoint data is another highlight, allowing for efficient correlation of alerts and endpoint activity in the same place, which speeds up root cause analysis. The unified platform reduces the need to switch between multiple tools, making investigations much quicker. Additionally, the initial setup is pretty straightforward since it's cloud-based, enabling data integration through connectors or creating new users with different roles. **What do you dislike about Falcon Next-Gen SIEM?** One area for improvement in Falcon Next-Gen SIEM is the learning curve, especially for query language and advanced use cases. Some features and integrations are still evolving, so it may not be as mature or flexible as traditional SIEMs in certain scenarios. Also, documentation can be improved as there is no open source documentation or mainly community support. I would like to see broader third-party integrations and more functions in the query language could also improve it. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** I use Falcon Next-Gen SIEM for centralized log management, real-time threat detection, and improved visibility. It helps with threat hunting and incident investigation, solving the challenge of handling large log volumes and enabling fast search. It reduces alert noise and correlates data across sources. ### 5. NGSIEM Delivers Unmatched Performance, Clean UI, and Seamless Integrations **Rating:** 5.0/5.0 stars **Reviewed by:** Drew L. | SR Systems Administrator, Consumer Goods, Mid-Market (51-1000 emp.) **Reviewed Date:** April 10, 2026 **What do you like best about Falcon Next-Gen SIEM?** NGSIEM basically has all of the capabilities that all other SIEMS brag about, but arent great at implementing. The UI is clean and easy to use, it integrates with multiple other products and feeds additional data to other third party integrations, the performance is unmatched, pricing isn't and issue since it comes standard for everyone! Crowdstrike has worldclass support and is always there to help you get up and running. Like with all of their products, you can use the built in, AI, Charlotte - to query the SIEM and get accurate and helpful results! **What do you dislike about Falcon Next-Gen SIEM?** Like with any Crowdstrike product, there's a lot of configuring to do. There is a learning curve. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** It's our All In One SIEM! ### 6. A good tool but not recognized in the Cybersecurity domain anymore. **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Retail | Mid-Market (51-1000 emp.) **Reviewed Date:** August 19, 2023 **What do you like best about Falcon Next-Gen SIEM?** It possessed substantial power and incorporated regular expression (regex) support to elevate its capabilities for searching, hunting, and troubleshooting. **What do you dislike about Falcon Next-Gen SIEM?** Doesn't appear to be a widely recognized or commonly known term or tool in the realm of cybersecurity or technology. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** We're highly satisfied with Logscale as it significantly improves search performance, enabling us to handle larger data sets more efficiently. While Logscale currently offers fewer integrations compared to Splunk, this is changing over time. Another advantage is the option to develop custom apps when necessary. We chose the Logscale Complete Route for our transition. ### 7. Humio gives me the convenience to ingest our 1 TB of log volume on each node **Rating:** 4.0/5.0 stars **Reviewed by:** Nikitha S. | Cloud Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** May 12, 2022 **What do you like best about Falcon Next-Gen SIEM?** Humio provides superb data aggregation reports thanks to its well-rounded observability framework. Its relatively easy to explore, iterate and understand all our logs and also offers excellent compatibility for our hybrid cloud deployments. We can easily pinpoint security concerns in any environment and it makes it simple to perform RCA. **What do you dislike about Falcon Next-Gen SIEM?** There's a dependency on ingest listeners while working with our Syslog data in Humio platform. Without these, Humio SaaS won't be able to accept logs from Syslog. Apart from this, we didn't encounter any hurdles while working with the Humio platform for container solutions. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Container visualization is beneficial for our security team using Humio we can easily observe health check routines, capacity thresholds and drifts from the expected outcomes. The compression algorithm effectively optimizes available data size in clusters and the ratio between disks & CPU resources. We are able to manage about 1 TB of ingest log volume per day on each node which is helpful for our production setup of clustered version as per our client's specifications. Its comprehensive border security features encompass all structured & unstructured data, making it easy to analyze and correlate data in our hybrid cloud infrastructure. ### 8. Good log aggregation, slow UI **Rating:** 3.5/5.0 stars **Reviewed by:** Ogaday W. | Machine Learning Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 28, 2021 **What do you like best about Falcon Next-Gen SIEM?** Now that Humio has been set up up by our platform team, all logs from all further applications and deployments are being streamed to Humio without the need for any additional configuration at the application level, which is fantastic. We develop on top of Kubernetes, and as well as application logs, we get platform logs, so we can debug and monitor the whole stack. The handling of structured logs is also really nice. Humio automatically parses many formats, and you can write your own custom log parsing rules. Once your logs are being parsed correctly, you can filter and display specific fields from your logs, and save the results into persistent, live dashboards for your applications. **What do you dislike about Falcon Next-Gen SIEM?** The only thing I dislike about Humio is the UI. Scrolling through your logs to find relevant messages can be tough unless you've set up quite a few filters. Each page of logs contains only contains 200 lines, which, for any significant application, is not much. I don't know if it's just my browser, but I find the pagination painfully slow! This aspect of the UI is the only downside. It can be mitigated by smart filtering, but I still find it a bit awkward to wait for the next page of logs to load. **Recommendations to others considering Falcon Next-Gen SIEM:** Used structured logging to make the most of Humio. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** I use Humio to debug my applications and view my application logs. On top of that, I use humio to take advantage of structured logging and build persistent dashboards for different projects, so I can monitor my the running of my applications over time. ### 9. Amazingly fast and superb documentation **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Enterprise (> 1000 emp.) **Reviewed Date:** January 21, 2021 **What do you like best about Falcon Next-Gen SIEM?** The easy integration with existing systems using raw syslog or elastic bulk ingest api and their Grafana plugin. And of course the price. Very cheap compared to other enterprise similar products. **What do you dislike about Falcon Next-Gen SIEM?** While there is a very good and comprehensive online documentation for the entire product, it is also a lot to read up on just to be able to do somewhat basic searches and alerting. But once you get a hang of it, it is no problem at all. No pre-made parsers for syslog data, so you will most likely have to make a few parsers that breaks the log data down into individual searchable fields yourself. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** We are in the process of moving all of out logging to Humio, and are already using it for alerting and in operations. ### 10. Great Service! **Rating:** 4.0/5.0 stars **Reviewed by:** Craig H. | Software Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 21, 2021 **What do you like best about Falcon Next-Gen SIEM?** Their query language is pretty solid and the data ingest performance is much more consistent than competing services. **What do you dislike about Falcon Next-Gen SIEM?** The interface is sometimes a bit confusing, but it's understandable due to the complexity. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** We are able to handle large amounts of data much more efficiently than we could with previous systems. ### 11. Powerful, customizeable and user friendly log management system **Rating:** 5.0/5.0 stars **Reviewed by:** Niklas E. | Software Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 22, 2021 **What do you like best about Falcon Next-Gen SIEM?** The simplicity of the query language and the easy way to filter logs based on fields. The Humio Query Language lets me compose advanced queries that I need to analyze data in Humio. **What do you dislike about Falcon Next-Gen SIEM?** I've been using Humio for about 6 months now and I can't come up with anything that I dislike. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Centralized logging - a one stop shop for all the logs for all our services. As we are moving towards microservices it is very important with observability into our applications. Humio helps us with that. ### 12. Quick and Easy Log Indexing **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** March 01, 2021 **What do you like best about Falcon Next-Gen SIEM?** Lower infra cost than other on-prem solutions. Search result speed. **What do you dislike about Falcon Next-Gen SIEM?** The documentation could use some updates. **Recommendations to others considering Falcon Next-Gen SIEM:** If you’re considering open source instead, be sure to dig into the difference between how much hardware for an ES cluster with similar performance will cost you. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Cloudtrail indexing and search ### 13. Humio helped identify operational issues **Rating:** 2.5/5.0 stars **Reviewed by:** Verified User in Insurance | Enterprise (> 1000 emp.) **Reviewed Date:** March 02, 2021 **What do you like best about Falcon Next-Gen SIEM?** 1. Speed of search is good 2. Speed of ingestion seems to be good. **What do you dislike about Falcon Next-Gen SIEM?** 1. UI interface is very basic 2. Dashboards need to be made more elegant. 3. Scripting challenged users may have a little difficulty creating queries or dashboards. 4. Dashboarding needs to be improved to professional grade UI look and feel **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** 1. Quickly identify root causes for issues that are impacting user experience. ### 14. Solid Service for monitoring production applications **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.) **Reviewed Date:** January 21, 2021 **What do you like best about Falcon Next-Gen SIEM?** Humio provides quick access to our system logs. Quick to get up and running as a user **What do you dislike about Falcon Next-Gen SIEM?** Lack of customisation, in particular, custom views for log where some fields are more relevant than others **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Faster more reliable access to logging systems. ### 15. Good tool for looging **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Newspapers | Mid-Market (51-1000 emp.) **Reviewed Date:** January 22, 2021 **What do you like best about Falcon Next-Gen SIEM?** Like the parsing tool, it's really useful when it comes to debug some errors. **What do you dislike about Falcon Next-Gen SIEM?** Hard to say, but maybe the one thing is to make some prompts when you type the application name or just some other params. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Solving related logging and especially when it comes to parsing our logs to find out particular problems. ### 16. Humio first impressions **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.) **Reviewed Date:** January 26, 2021 **What do you like best about Falcon Next-Gen SIEM?** The structured logging allows complex processing if needed **What do you dislike about Falcon Next-Gen SIEM?** UX is unwieldy for viewing and filtering columns via web browser **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Great structured application logging for microservices, ux could be improved ### 17. Its cheap and Great. **Rating:** 4.0/5.0 stars **Reviewed by:** Utkarsh S. | Software Developer, Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** April 27, 2019 **What do you like best about Falcon Next-Gen SIEM?** What i really like about humio is that it's very easy to use and its awesomely fast. They have a very supportive team and they are always there for you to help 24/7. You can use regular expressions over the entire event makes it genuinely powerful. One of the many really awesome and powerful features are that you can create ah hoc dashboards without worrying about having the appropriate index etc. in place or at a time. **What do you dislike about Falcon Next-Gen SIEM?** It can be a little hard as we still have to learn query language to use Humio, this is an investment you will have to make to get the most out of the product. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** It really helped alot as every logging solutions are very expensive but Humio is very cheap and better as compared to them. Its a good option if you want to save money. And it gives a certain comfort and preparedness knowing that you can fully rely on the data available from the logs. ### 18. Awesome overall, excels in complex querying and charting **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** December 31, 2018 **What do you like best about Falcon Next-Gen SIEM?** We tried many different solutions for log management (papertrail, logdna, datadog logs, logzio, stackdriver logs, scalyr, etc.) and finally settled on Humio - it manages to combine a good UI with some of the best advanced querying and charting features we've seen. **What do you dislike about Falcon Next-Gen SIEM?** The feature set is quite comprehensive so there is a learning curve. Some UI features like continuous scroll are still in development (expected in early 2019 I'm told). Occasionally you'll hit a UI bug, but support is awesome - they release fixes sometimes within hours. Query performance is "okay" - it's not the fastest logging solution we've tried but it supports the most complex queries. **Recommendations to others considering Falcon Next-Gen SIEM:** If you're looking for an affordable logging solution that supports highly complex queries and advanced charting/dashboards, this is it. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Centralized log management (nginx logs, haproxy logs, system logs, app/custom logs, etc.) ### 19. Great tool for log management **Rating:** 4.0/5.0 stars **Reviewed by:** Ashu G. | Software Development Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** November 25, 2018 **What do you like best about Falcon Next-Gen SIEM?** It helps me to analyse Raw data at anywhere I want. It helps me keep a log of the data this is I like the most about humio. **What do you dislike about Falcon Next-Gen SIEM?** The Graphic user interface is not very user friendly and creates confusion sometimes.But once you get familiar with the functionalities this is very useful tool. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** Humio helps me to understand the raw data and helps me to analyse data and at the same time helps me to keep the log also. ### 20. My honest review for humio **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** December 19, 2018 **What do you like best about Falcon Next-Gen SIEM?** It's dashboard feature is amazing. Humio is very fast it can manage very large amount of data easily. There is a good selections of graph tools available. **What do you dislike about Falcon Next-Gen SIEM?** The GUI is not pretty nice and it is bit confusing at times. The server nodes is occasionally down. Here is some small features are missing. **What problems is Falcon Next-Gen SIEM solving and how is that benefiting you?** The humio team is very helpful listins to our requests. Today we use humio across the board. and we are happy customer. Humio help us alot ## Falcon Next-Gen SIEM Discussions - [Is Humio open source?](https://www.g2.com/discussions/is-humio-open-source) - [Is Humio a SIEM?](https://www.g2.com/discussions/is-humio-a-siem) - [How Humio works?](https://www.g2.com/discussions/how-humio-works) - [What is Humio used for?](https://www.g2.com/discussions/what-is-humio-used-for) - [View Falcon Next-Gen SIEM pricing details and edition comparison](https://www.g2.com/products/falcon-next-gen-siem/reviews?section=pricing&secure%5Bexpires_at%5D=2026-06-10+21%3A18%3A19+-0500&secure%5Bsession_id%5D=13bdcacf-9b34-42a8-997e-631a464b1a7a&secure%5Btoken%5D=73dfe59a8b42f51fe34bef74bf8a2fac541bd57075ef268802988912cdb78967&format=llm_user) ## Falcon Next-Gen SIEM Integrations - [Cisco Meraki](https://www.g2.com/products/cisco-meraki/reviews) - [Microsoft 365](https://www.g2.com/products/microsoft365/reviews) ## Falcon Next-Gen SIEM Features **Visibility** - Dashboards and Visualizations - Alerts and Notifications - Reporting **Activity Monitoring** - Usage Monitoring - Database Monitoring - API Monitoring - Activity Monitoring **Data Preparation** - Data Sources - Indexing - Automated Tagging - Data Blending **Alerts management** - Multi-mode alerts - Opimization alerts - Incident alerts **Cloud Visibility** - Data Discovery - Cloud Registry - Cloud Gap Analytics **Monitoring and Management** - Automation - Performance Baseline - Real-Time Monitoring **Security** - Compliance Monitoring - Risk Analysis - Reporting **Analysis** - Track Trends - Detect Anomalies - Metric and Event Data - Search - Alerts - Live Tail **Monitoring** - Resource utilization - Real-time monitoring - Performance baseline - API monitoring **Automation** - Resolution automation - Automation **Security** - Data Security - Data loss Prevention - Security Auditing **Administration** - Security Automation - Security Integration - Multicloud Visibility **Visualization** - Dashboards - Data Discovery **Agentic AI - Log Monitoring** - Autonomous Task Execution - Multi-step Planning - Cross-system Integration - Adaptive Learning - Natural Language Interaction - Proactive Assistance - Decision Making **Identity** - SSO - Governance - User Analytics **Analysis** - Search - Reporting - Visualization - Track trends **Agentic AI - Cloud Security Monitoring and Analytics** - Autonomous Task Execution - Proactive Assistance - Decision Making **Agentic AI - Log Analysis** - Autonomous Task Execution - Multi-step Planning - Cross-system Integration - Adaptive Learning - Natural Language Interaction - Proactive Assistance - Decision Making **Issue Resolution** - Root cause identification - Resolution guidance - Proactive identification ## Top Falcon Next-Gen SIEM Alternatives - [Datadog](https://www.g2.com/products/datadog/reviews) - 4.4/5.0 (703 reviews) - [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews) - 4.3/5.0 (414 reviews) - [Splunk Infrastructure Monitoring](https://www.g2.com/products/splunk-infrastructure-monitoring/reviews) - 4.3/5.0 (48 reviews)