Logpoint vs Splunk SOAR comparison

Logpoint and Splunk are both solutions in the Security Orchestration Automation and Response (SOAR) category. Logpoint is ranked #15 with an average rating of 7.2, while Splunk is ranked #3 with an average rating of 8.1. Logpoint holds a 1.2% mindshare in SOAR, compared to Splunk’s 8.8% mindshare. Additionally, 89% of Logpoint users are willing to recommend the solution, compared to 87% of Splunk users who would recommend it.

Logpoint

Read 21 Logpoint reviews

961 Views
438 Comparison Views

89% willing to recommend

Splunk SOAR

Read 43 Splunk SOAR reviews

5,505 Views
3,291 Comparison Views

87% willing to recommend

Logpoint

Splunk SOAR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 4, 2024

Logpoint and Splunk SOAR are two prominent SOAR tools. Splunk SOAR seems to have the upper hand due to its comprehensive features offering higher value despite its price.

Features: Logpoint reviews highlight its strong analytical capabilities, quick response time, and affordability. Splunk SOAR reviews praise its extensive automation, integration options, and higher value despite the cost.

Room For Improvement: Reviews for Logpoint suggest enhancing its scalability, third-party integrations, and user interface. Splunk SOAR users seek a more user-friendly design, improvement in onboarding documentation, and reducing deployment complexity.

Ease of Deployment and Customer Service: Logpoint is often commended for its straightforward deployment and strong customer support. Splunk SOAR receives mixed feedback about its deployment complexity but is known for its responsive service team.

Pricing and ROI: Logpoint is seen as cost-effective, providing good ROI based on user reviews. Splunk SOAR is considered expensive but justified by its extensive capabilities.

To learn more, read our detailed Logpoint vs. Splunk SOAR Report (Updated: October 2024).

Buyer's Guide

Logpoint vs. Splunk SOAR

October 2024

Download the complete report

Helped 816,562 peers since 2012

Categories and Ranking

Logpoint

Ranking in Security Orchestration Automation and Response (SOAR)

15th

Average Rating

7.6

Reviews Sentiment

6.1

Number of Reviews

Ranking in other categories

Log Management (27th), Security Information and Event Management (SIEM) (26th), User Entity Behavior Analytics (UEBA) (7th), Endpoint Detection and Response (EDR) (32nd)

Splunk SOAR

Ranking in Security Orchestration Automation and Response (SOAR)

3rd

Average Rating

8.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Logpoint is 1.2%, up from 0.9% compared to the previous year. The mindshare of Splunk SOAR is 8.8%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Orchestration Automation and Response (SOAR)

Featured Reviews

Subhash Sreenivasan

Head of Professional Services at NiyoSecure

Roughly 800 to 1000 integrations available with various security products and applications and offers built-in SOAR capabilities

The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investigating. But that, I think, maybe Logpoint can improve more. The threat investigations and reporting to the end-users can be improved. Logpoint can also come up with IR [incident response] capabilities. Other important SIEM solutions have some IR services. If I am an MSSP working with LogPoint for SIEM/SOAR solutions and I need immediate support, I should be able to get some support. It can be paid support, like SecureWorks, which has those kinds of functionalities. They will immediately get in and start working on helping us identify the threats, isolate them, and give us remedies to take care of and recover from any kind of attacks. Whereas in LogPoint, that functionality is missing. We will be on our own if something happens. We will get other support from them, but there's no paid support before taking ownership and helping us recover from those kinds of attacks. They have a kind of integration for AI, but the incident response capability is what they should improve.

Read full review

Ryan Plas

SOAR Engineer at Accenture Federal Services

Offers playbook automation that helps reduce the manual and tedious work for users

When it comes to Splunk SOAR's ability to provide end-to-end visibility into our company's cloud-native environment, I would say that we are not using the cloud portions of it. I don't know if that's super relevant to what we are doing in our organization. I am 100 percent sure that Splunk SOAR helped reduce your mean time to resolve, but I don't have any metrics on hand but I know it has dramatically decreased. The tool has helped with the business resilience part. I think having it as a platform has been a solid portion of the product that we offer to people. Spunk SOAR has definitely saved my time in alert triage. When some of the tedious enrichment and lookup stuff happens, the analyst doesn't have to deal with such areas, and they can just jump in and see relevant data all in one pane of glass, which has been super helpful for speeding things up. The unified platform helps consolidate networking, security, and IT observability tools. The consolidation of tools impacts our organization as it just helps focus the SOC analyst on a single unified place to find information. It helps keep things streamlined and regular so they know where to look for certain stuff they want. It really helps people with training. It is a really easy tool to onboard people into because everything is right there in the product itself. The product is really great. I would love to see more SOAR innovation going into the tool, especially the on-premises version since it is what we use in our company. I feel the tool needs to encourage continuous improvements, but as a product itself, my company is really happy with the solution. I rate the tool an eight out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."

"We like the user and entity behaviour analytics (UEBA) and find it valuable."

"The main advantage of Logpoint is the support service. They reply within ten minutes to an hour to our queries."

"The solution is user-friendly."

"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."

"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."

"They basically charge you in a better way."

"The product is easy to use."

More Logpoint pros

"Workflow management is most valuable. It is easily customizable"

"Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task."

"The automation part of the product is great."

"So far, the interface is very easy to use."

"The product provides 100% automation for certain processes."

"I like the way Splunk interacts with various systems via the API. The ability to integrate Splunk with our ticketing system has been an immense help because we can maintain our workflow while blending Splunk with our support desk and other ways that we track work."

"The most valuable feature of Splunk SOAR is the automated playbooks, which saves analysts time."

"Very flexible integration with other tools"

More Splunk SOAR pros

Cons

"Nowadays the trend is going towards the ransomware and the endpoint detection and response. So if they added something for that, that will be very, very good."

"The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"

"Dashboards could be developed further."

"One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues."

"It is a good product, but its interface or GUI could be better."

"Log management could be better because transporting the log from a password to the client system takes time."

"Logpoint is not flexible. Its documentation is not user-friendly."

"The documentation part is something that needs to be improved, as well as the threat intelligence investigation part."

More Logpoint cons

"Some of the training materials are on a basic level."

"The algorithm and machine learning have room for improvement and can be more user-friendly."

"It would be ideal for us if Splunk SOAR could integrate with Teams."

"It could be easier to implement."

"The UI can be more customizable for the clients."

"Splunk SOAR has room to improve its offering for small-sized customers. The price is not fair for smaller-sized customers."

"SOAR is probably the most unreliable product Splunk has and that's because most of it is content driven from what you put into it. There are certain parts of it that have a little bit of difficulty at volume too. It's always changing. There is new stuff coming out for it that's going to make it a little bit better, but it does have some drawbacks."

"And most of the challenges that I have faced with the solution can be found in the documentation itself."

More Splunk SOAR cons

Pricing and Cost Advice

"It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."

"Logpoint's pricing is mid-ranged and depends on the number of devices."

"For a hundred user deployment the cost is about $10,000. The next year it would be the same because it's a subscription-based license. There are separate costs as well, for example, if a customer asks for training for their staff."

"It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."

"It's less expensive than the competitors. The Logpoint marketing team is very accommodating and client-friendly. They offer very good reductions in price. They are pretty good in this aspect. They are transparent in their licensing and pricing."

"On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not very cheap compared to some of the cheaper products in the SIEM market."

"It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."

"LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."

More Logpoint pricing and cost advice

"Splunk SOAR is more expensive compared to other options for SOAR."

"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."

"We renewed it this year. This year was the first time there was a dramatic increase in the price. It was kind of non-negotiable. It was just a high increase. We had internal communications, and it was definitely a surprise to us. In a short time frame, we renewed it this year. Prices are going up everywhere, but they are not always justifiable, at least not to our eyes. The pricing this year was definitely a big shock."

"It's very overpriced because it is based on the number of users. There is no bulk licensing."

"While I can't confirm the exact pricing, some colleagues have mentioned that Splunk SOAR may be on the costlier side."

"The licensing cost is reasonable."

"I don't know the exact price, but for my region, it is very expensive."

"When we first purchased our Splunk SOAR license, it was based on an event-count model. It was based on the number of events. I had strong opinions at the time that automation should not be stifled by the amount of automation you can accomplish, so the previous structure was not as beneficial for us. Later that year, we got told or saw at a conference that they announced user-based pricing. We are now in a renewal period, so we migrated to a user-based license model, which is more appropriate for us so that we no longer have to worry about stifling our automation based on the quantity."

More Splunk SOAR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.

See recommendations

816,562 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

67%

Computer Software Company

Comms Service Provider

Manufacturing Company

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

12%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about LogPoint?

The solution is user-friendly.

See all answers

What is your experience regarding pricing and costs for LogPoint?

On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not ver...

See all answers

What needs improvement with LogPoint?

See all answers

What do you like most about Splunk Phantom?

Splunk SOAR's quick response to incidents is the most valuable part.

See all answers

What is your experience regarding pricing and costs for Splunk Phantom?

I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...

See all answers

What needs improvement with Splunk Phantom?

The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...

See all answers

Comparisons

IBM Security QRadar vs Logpoint

Compared 19% of the time

Wazuh vs Logpoint

Compared 19% of the time

Elastic Security vs Logpoint

Compared 16% of the time

Microsoft Sentinel vs Logpoint

Compared 8% of the time

Rapid7 InsightIDR vs Logpoint

Compared 7% of the time

More Logpoint Competitors

Cortex XSIAM vs Splunk SOAR

Compared 26% of the time

Palo Alto Networks Cortex XSOAR vs Splunk SOAR

Compared 20% of the time

ServiceNow Security Operations vs Splunk SOAR

Compared 8% of the time

Tines vs Splunk SOAR

Compared 7% of the time

Fortinet FortiSOAR vs Splunk SOAR

Compared 7% of the time

More Splunk SOAR Competitors

Product Reports

Buyer's Guide

Logpoint

November 2024

Download Logpoint product report

Buyer's Guide

Splunk SOAR

October 2024

Download Splunk SOAR product report

Also Known As

No data available

Phantom

Learn More

Logpoint

Splunk

Overview

Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.

Benefits of Logpoint

Some of the benefits of using Logpoint include:

Unifies data logs: Logpoint creates a single system of classification for collected data. It makes it easy for users to search for and find data, which aids users when they are creating reports or alerts. Users can conserve resources while at the same time seeing a rise in the efficiency of their business operations.

Intuitive solution design: Logpoint is designed so that anyone can utilize all of its features, even if they are not an expert in network security. Logpoint’s UI is simple enough that users can utilize it without undergoing extensive training.

Highly flexible: Logpoint is designed so that users can scale it linearly to accommodate projects that are large and complex. This allows users to expand the scope of their projects according to their needs without worrying that their infrastructure won’t be able to handle the increase in size. The solution’s security features can be deployed both on the cloud and in a physical environment.

Simple role-based access security: Logpoint allows administrators to employ Microsoft’s active directory (AD) and a Lightweight Directory Access Protocol to manage user access. These can help administrators protect their systems from being abused or otherwise harmed by bad actors.

Reviews from Real Users

Logpoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. Logpoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up.

The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. Logpoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with Logpoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”

A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Sample Customers

AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...

Recorded Future, Blackstone

Buyer's Guide

Logpoint vs. Splunk SOAR

October 2024

Free Report: Logpoint vs. Splunk SOAR

Find out what your peers are saying about Logpoint vs. Splunk SOAR and other solutions. Updated: October 2024.

DOWNLOAD NOW

816,562 professionals have used our research since 2012.

See our Logpoint vs. Splunk SOAR report.

See our list of best Security Orchestration Automation and Response (SOAR) vendors.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.