Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.
LogPoint's most valuable features include its user-friendly interface and integration capabilities, surpassing other products like Wazuh and LogRhythm. The exceptional dashboard and cost-efficiency are also highly regarded.
Users appreciate the ease of use, powerful query language, and accessibility through the web interface. The user and entity behavior analytics (UEBA) feature is considered valuable, along with the ability to create tailored use cases based on assets.
The combination of SIEM and SOAR in one solution sets LogPoint apart. Additionally, the translation service provided by LogPoint for logs from exotic applications is highly praised. The search feature, dashboards, and centralization of logs are also seen as valuable.
LogPoint's comprehensive capabilities for gathering and parsing logs from various systems, along with its use of AI and machine learning technology for monitoring endpoints and user activity, make it a top choice in the market.
Improvements can be made to LogPoint in several areas. Firstly, the agent installation method needs improvement as it currently requires manual updating of IP addresses and codes. This process should be streamlined to allow for easier integration of systems into LogPoint without the need for agents. Additionally, the user and installation guides should be improved to make them more accessible to users with basic knowledge.
The graphical user interface (GUI) of LogPoint could also use improvement. While the solution is usable, the GUI lacks aesthetics and is considered outdated. Other SIEM tools such as IBM QRadar and LogRhythm have more user-friendly and visually appealing UIs. LogPoint should consider enhancing its UI with features like color and a custom dashboard to provide a better user experience.
Log management could be better in terms of log transportation from a password to the client system, as it currently takes time. LogPoint should work on optimizing this process for more efficient log management.
Handling multiple types of logs is another area for improvement. LogPoint sometimes discards logs and has difficulty processing various types of logs. Adding a multiple-log processing feature in the next release would be beneficial.
Memory consumption and performance issues have been reported with LogPoint, especially when running as virtual services. These issues should be addressed to improve the overall performance of the solution.
While LogPoint provides preset dashboards, customization options are limited. Users should have the ability to create and customize dashboards according to their specific needs.
One downside of LogPoint is that it is not a Software-as-a-Service (SaaS) solution and can only be deployed on-premises. In today's industry, it is more favorable to have cloud-native solutions that can be deployed in popular cloud platforms. LogPoint should consider offering a cloud deployment option for easier management and cost savings.
Performance is another area where LogPoint can improve. Pure speed and efficient data processing are important factors that LogPoint should focus on to enhance its performance.
Lastly, LogPoint's documentation needs improvement. While the functionality of the product is considered good, the documentation should be enhanced to provide better support and guidance to users. Ad-hoc reporting capabilities can also be improved to allow users to create custom reports more easily.
Logpoint has provided a positive return on investment for users. Logpoint offers good value for the money and a favorable cost model.
Logpoint offers a straightforward pricing structure with no setup costs, easing the onboarding process for users. Pricing methods typically involve subscription-based models, accommodating per-user or per-event licensing options. The pricing range is flexible, catering to organizations of different sizes and needs, providing scalable SIEM solutions.
LogPoint is primarily used to protect clients' environments by identifying users and the tools they access. It is also used for triage, log collection, and security analysis.
Additionally, LogPoint is utilized for data aggregation, creating custom use cases, and triggering escalations to the IT team. It is used for compliance reasons, focusing on separation of duties, privilege escalation, and access to sensitive data.
LogPoint is also used as a full-blown team system for orchestrating incident responses and as a repository for logs within office systems. It monitors users and endpoints, studying their activities and triggering alarms for any deviations.
LogPoint's customer service and support have received positive feedback from users. The support provided in Asia is highly praised, with the team being consistently active and responsive, addressing queries within an hour.
Opening support tickets and connecting with the LogPoint support team is described as easy and efficient. However, there is some criticism regarding the lower-level support team's ability to understand issues with LogPoint, leading to frequent escalations to the higher-level team. Comparatively, the L1 support team of IBM QRadar is considered more competent.
Despite this, LogPoint's technical support is generally rated positively, with prompt ticket response and solutions provided directly by the vendor.
The initial setup for LogPoint was described as complex by some users, especially for those without experience using the solution. However, others found it relatively easy and straightforward.
The deployment time varied, with some implementing it within a few weeks while others took several months. The number of systems needing integration with LogPoint also affected the setup time.
Maintenance and configuration required the involvement of a system administrator and security analyst.
Some users had the vendor assist with the setup, while others conducted a thorough testing period before purchasing.
Logpoint is highly scalable, with several customers ranging from large enterprises to medium enterprises.
The stability of the Logpoint solution is generally good, with some minor issues reported by a few users. These issues were resolved by adding more resources such as RAM or CPUs. However, there were some glitches with LogPoint, particularly related to exceeding EPS limits, data normalization, and handling multiple types of logs. In some cases, logs were discarded, leading some users to switch to LogRhythm.
Despite these concerns, other users reported that LogPoint has been stable and reliable for them, with no major hiccups. It is also worth noting that LogPoint is recognized by Gartner and considered a strong player in the SIEM market, which indicates a solid and stable product.
Benefits of Logpoint
Some of the benefits of using Logpoint include:
Reviews from Real Users
Logpoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. Logpoint enables users not only to gather data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection, and then it pulls information from sources that meet those rules. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from, and if necessary resolve, emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline, and the user is notified if anything deviates from the rules that it set up.
The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. Logpoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with Logpoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”
A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”
AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...