
What’s New in LogRhythm SIEM October 2025

  • Oct 01, 2025
  • Brook Chelmo
  • 2 minutes to read


    For organizations that rely on an on-prem SIEM, maintaining operational resilience, efficiency, and security is non-negotiable. Regional disruptions can threaten log availability, fragmented workflows slow analysts down, and the SIEM itself must be hardened against new threats. Security teams need a platform that addresses these challenges directly.

    The October 2025 release of LogRhythm SIEM delivers targeted updates to do just that. We’re introducing multi-cluster log forwarding for resilience, new metric widgets to accelerate analysis, a unified Threat Center to streamline investigations, and critical platform security updates to reinforce the foundation of your deployment.

    Strengthen Resiliency With Multi-Cluster Log Forwarding

    Security teams operating across multiple data centers cannot afford for regional outages to disrupt investigations or compliance reporting. The new multi-cluster log forwarding capability allows your organization to send log data to multiple LogRhythm clusters simultaneously. If one cluster goes offline, log data remains available in other regions, ensuring uninterrupted visibility for security operations and compliance mandates.

    Gain Deeper Insights With New Metric Widgets

    Analysts need to see trends, not just raw logs. To find anomalies, you need to measure activity over time. With new metric widgets, your team can now apply count, sum, average, minimum, and maximum calculations directly within dashboards. These advanced metrics make it easier to spot unusual activity, summarize findings for reports, and communicate insights more clearly. The result is faster investigations and more efficient reporting.

    Streamline Investigations in a Unified Threat Center

    Managing alarms and cases in separate views creates friction and forces analysts to lose valuable time switching between interfaces. This context switching makes it harder to see the connections between related alerts and increases the risk of missing a critical piece of information.

    The new unified Threat Center brings alarms and cases together in one consolidated view. Analysts can now triage more effectively, understand the full scope of an incident, and make faster decisions without toggling between screens. This streamlined workflow improves investigative accuracy and reduces the risk of oversight.

    Simplify O365 Log Collection and Monitoring

    Managing Office 365 activity logs can be complex and manual. Without a clear way to verify what’s being collected, teams can be left with coverage gaps that delay investigations. The new collector sync simplifies the onboarding of O365 Management Activity logs and gives you clear visibility into the collection status directly within the Web Console. Your team can more easily verify that data is being ingested as expected, strengthening your visibility into critical cloud services.

    Reinforce Your Foundation With Platform-Wide Security

    The integrity of your SIEM is of the utmost importance. The October release introduces stronger self-signed certificates, more detailed audit records, and updated installer packages. These updates harden the LogRhythm SIEM platform against emerging threats and reinforce its reliability, ensuring your security operations are built on a powerful and secure foundation.

    A More Resilient, Efficient, and Secure SIEM

    The October 2025 updates help you maximize the value of your LogRhythm SIEM investment. Multi-cluster log forwarding ensures data is always available, new metric widgets help analysts find insights faster, and the unified Threat Center streamlines investigations. At the same time, improved O365 collection and platform-wide security updates provide a stronger foundation to keep you ahead of threats.

    Ready To See These Updates in Action?

    Join the upcoming webinar hosted by our product team.

    Brook Chelmo


    Director of Product Marketing | Exabeam | Brook Chelmo is a seasoned cybersecurity strategist and product marketing leader with deep expertise in emerging threats, threat actor behavior, and security technology. He has conducted embedded research with ransomware groups, including direct engagement with Russian cybercriminals, offering rare insights into their operations, motivations, and monetization strategies. Known for delivering award-winning and standing-room-only presentations at global security conferences, Brook helps security teams stay ahead of evolving threats by translating complex threat intelligence into actionable strategies. His work spans product development, threat research, and education, supporting both the advancement of security technology and the global community’s ability to defend against cyber risk.
