Try our new research platform with insights from 80,000+ expert users

Logpoint vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 29, 2024
 

Categories and Ranking

Logpoint
Ranking in Log Management
27th
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
7.6
Number of Reviews
21
Ranking in other categories
User Entity Behavior Analytics (UEBA) (7th), Endpoint Detection and Response (EDR) (32nd), Security Orchestration Automation and Response (SOAR) (15th)
Splunk Enterprise Security
Ranking in Log Management
1st
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Number of Reviews
301
Ranking in other categories
IT Operations Analytics (1st)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Logpoint is 0.8%, up from 0.8% compared to the previous year. The mindshare of Splunk Enterprise Security is 10.9%, down from 14.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Subhash Sreenivasan - PeerSpot reviewer
Jun 21, 2024
Roughly 800 to 1000 integrations available with various security products and applications and offers built-in SOAR capabilities
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investigating. But that, I think, maybe Logpoint can improve more. The threat investigations and reporting to the end-users can be improved. Logpoint can also come up with IR [incident response] capabilities. Other important SIEM solutions have some IR services. If I am an MSSP working with LogPoint for SIEM/SOAR solutions and I need immediate support, I should be able to get some support. It can be paid support, like SecureWorks, which has those kinds of functionalities. They will immediately get in and start working on helping us identify the threats, isolate them, and give us remedies to take care of and recover from any kind of attacks. Whereas in LogPoint, that functionality is missing. We will be on our own if something happens. We will get other support from them, but there's no paid support before taking ownership and helping us recover from those kinds of attacks. They have a kind of integration for AI, but the incident response capability is what they should improve.
Sameep Agarwal. - PeerSpot reviewer
Oct 23, 2023
It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query
The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system. Splunk needs to be tweaked in JSON so you can limit what is coming from the endpoints, especially the events. One needs to filter that out so that only certain events are ingested, like login failures, Active Directory changes, password reset requests, privilege modifications, etc. Each Windows machine generates about 310 KB of information per event, but we can tweak that down to about 50 KB.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution."
"In my experience with medium-sized operations, LogPoint's scalability is excellent, so I would rate it a ten out of ten."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The solution's user interface is quite simple, and the integration is better than other products."
"Log collection, dashboards and reporting are good."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"The most valuable features are how stable and easy to use Splunk is."
"Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value."
"Capability to expand the functionality through custom code for data inputs, commands, visualization, alerts, and machine learning."
"We can quickly search for almost anything across many log sources in seconds."
"Splunk Enterprise Security is able to process a huge amount of data without any issues."
"The alerts are very effective."
"The most valuable feature is that it brings all of the components necessary to identify, analyze, and respond together."
"The most valuable features include agility and Splunk Enterprise Security's ability to quickly search for alerted items, as well as the capacity to create custom alerts using the SQL language employed by Splunk."
 

Cons

"LogPoint can improve its dashboards. We are not able to customize the dashboard when creating them. They only have preset dashboards which do not have exactly what we are looking for."
"I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."
"LogPoint must find a way to integrate the servers without agents."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"Logpoint is not flexible. Its documentation is not user-friendly."
"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."
"Sometimes, the product is not stable."
"It is complicated to collect daily logs from other systems."
"Splunk Enterprise Security has not helped reduce our alert volume."
"An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."
"We will receive alerts only for the administrators and deployment servers, but not for all servers."
"DMC should be a little more intuitive with better dashboarding. Seeing the cause of data flow can be tough to track down."
"I'd love to see more integrations, which is one of the primary points of the key node with Splunk Enterprise Security."
"The pricing can be better."
"The glass table feature does not perform as expected."
"I find the graphical options really limited and you don't have enough control over how to display the data that you want to see."
 

Pricing and Cost Advice

"It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."
"On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not very cheap compared to some of the cheaper products in the SIEM market."
"Logpoint's pricing is mid-ranged and depends on the number of devices."
"LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."
"It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."
"My company used to pay for LogPoint costs annually. It's a cost-effective solution. I'm not part of the Finance team, though, so I'm not sure exactly what the licensing fee is or what license my company had."
"It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."
"It's less expensive than the competitors. The Logpoint marketing team is very accommodating and client-friendly. They offer very good reductions in price. They are pretty good in this aspect. They are transparent in their licensing and pricing."
"Pricing is pretty fair."
"While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."
"It is not cheap."
"We have seen ROI and improvements as we have continued to use the product, but they are more reactive."
"Setup cost is cheap: It is free, it is user-friendly, and it is fast."
"I am not personally involved with the pricing of the solution."
"I believe that Splunk Enterprise Security is worth the price, but it is expensive."
"Truly evaluate the data you want to ingest and go slow. Pulling in data that can provide no use to your mission only wastes data against your license."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Educational Organization
66%
Computer Software Company
8%
Comms Service Provider
4%
Manufacturing Company
3%
Financial Services Firm
16%
Computer Software Company
14%
Government
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for LogPoint?
On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not ver...
What needs improvement with LogPoint?
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investig...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Learn More

 

Overview

 

Sample Customers

AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Logpoint vs. Splunk Enterprise Security and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.