Logpoint vs Splunk SOAR comparison

Logpoint and Splunk are both solutions in the Security Orchestration Automation and Response (SOAR) category. Logpoint is ranked #15 with an average rating of 7.2, while Splunk is ranked #3 with an average rating of 8.1. Logpoint holds a 1.2% mindshare in SOAR, compared to Splunk’s 8.8% mindshare. Additionally, 89% of Logpoint users are willing to recommend the solution, compared to 87% of Splunk users who would recommend it.

Logpoint

Read 21 Logpoint reviews

961 Views
438 Comparison Views

89% willing to recommend

Splunk SOAR

Read 43 Splunk SOAR reviews

5,505 Views
3,291 Comparison Views

87% willing to recommend

Logpoint

Splunk SOAR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 4, 2024

Logpoint and Splunk SOAR are two prominent SOAR tools. Splunk SOAR seems to have the upper hand due to its comprehensive features offering higher value despite its price.

Features: Logpoint reviews highlight its strong analytical capabilities, quick response time, and affordability. Splunk SOAR reviews praise its extensive automation, integration options, and higher value despite the cost.

Room For Improvement: Reviews for Logpoint suggest enhancing its scalability, third-party integrations, and user interface. Splunk SOAR users seek a more user-friendly design, improvement in onboarding documentation, and reducing deployment complexity.

Ease of Deployment and Customer Service: Logpoint is often commended for its straightforward deployment and strong customer support. Splunk SOAR receives mixed feedback about its deployment complexity but is known for its responsive service team.

Pricing and ROI: Logpoint is seen as cost-effective, providing good ROI based on user reviews. Splunk SOAR is considered expensive but justified by its extensive capabilities.

To learn more, read our detailed Logpoint vs. Splunk SOAR Report (Updated: October 2024).

Buyer's Guide

Logpoint vs. Splunk SOAR

October 2024

Download the complete report

Helped 814,649 peers since 2012

Categories and Ranking

Logpoint

Ranking in Security Orchestration Automation and Response (SOAR)

15th

Average Rating

7.6

Number of Reviews

Ranking in other categories

Log Management (27th), Security Information and Event Management (SIEM) (26th), User Entity Behavior Analytics (UEBA) (7th), Endpoint Detection and Response (EDR) (32nd)

Splunk SOAR

Ranking in Security Orchestration Automation and Response (SOAR)

3rd

Average Rating

8.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Logpoint is 1.2%, up from 0.9% compared to the previous year. The mindshare of Splunk SOAR is 8.8%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Orchestration Automation and Response (SOAR)

Featured Reviews

Subhash Sreenivasan

Head of Professional Services at NiyoSecure

Jun 21, 2024

Roughly 800 to 1000 integrations available with various security products and applications and offers built-in SOAR capabilities

The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investigating. But that, I think, maybe Logpoint can improve more. The threat investigations and reporting to the end-users can be improved. Logpoint can also come up with IR [incident response] capabilities. Other important SIEM solutions have some IR services. If I am an MSSP working with LogPoint for SIEM/SOAR solutions and I need immediate support, I should be able to get some support. It can be paid support, like SecureWorks, which has those kinds of functionalities. They will immediately get in and start working on helping us identify the threats, isolate them, and give us remedies to take care of and recover from any kind of attacks. Whereas in LogPoint, that functionality is missing. We will be on our own if something happens. We will get other support from them, but there's no paid support before taking ownership and helping us recover from those kinds of attacks. They have a kind of integration for AI, but the incident response capability is what they should improve.

Read full review

Ryan Plas

SOAR Engineer at Accenture Federal Services

Jun 12, 2024

Offers playbook automation that helps reduce the manual and tedious work for users

When it comes to Splunk SOAR's ability to provide end-to-end visibility into our company's cloud-native environment, I would say that we are not using the cloud portions of it. I don't know if that's super relevant to what we are doing in our organization. I am 100 percent sure that Splunk SOAR helped reduce your mean time to resolve, but I don't have any metrics on hand but I know it has dramatically decreased. The tool has helped with the business resilience part. I think having it as a platform has been a solid portion of the product that we offer to people. Spunk SOAR has definitely saved my time in alert triage. When some of the tedious enrichment and lookup stuff happens, the analyst doesn't have to deal with such areas, and they can just jump in and see relevant data all in one pane of glass, which has been super helpful for speeding things up. The unified platform helps consolidate networking, security, and IT observability tools. The consolidation of tools impacts our organization as it just helps focus the SOC analyst on a single unified place to find information. It helps keep things streamlined and regular so they know where to look for certain stuff they want. It really helps people with training. It is a really easy tool to onboard people into because everything is right there in the product itself. The product is really great. I would love to see more SOAR innovation going into the tool, especially the on-premises version since it is what we use in our company. I feel the tool needs to encourage continuous improvements, but as a product itself, my company is really happy with the solution. I rate the tool an eight out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution's user interface is quite simple, and the integration is better than other products."

"We like the user and entity behaviour analytics (UEBA) and find it valuable."

"The solution's most valuable aspect is the combination of the software and the support that they have."

"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."

"In my experience with medium-sized operations, LogPoint's scalability is excellent, so I would rate it a ten out of ten."

"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."

"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."

"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."

More Logpoint pros

"The most valuable feature of Splunk SOAR is the automated playbooks, which saves analysts time."

"The ability to automate Splunk SOAR and customize the playbook use cases is the most valuable feature and is very exciting for me."

"It's pretty easy when it comes to setting up assets. If you want to fetch emails or call a REST API, you can set up an asset and grab that information."

"Scalability is the best feature of the solution."

"The most valuable feature is the API connector, depending on how it's formatted and who made the actual app offering for it. The REST API is my favorite component. It's very easy to use. The filters are also really valuable. Those are the two primary features but I enjoy using the rest of it."

"Splunk has many features that make work easier, and it's simple to implement in a large production environment. Splunk collects a massive amount of data from cloud servers and handles it perfectly."

"The most valuable feature is the risk-based access control."

"The most valuable feature of Splunk SOAR that stands out is it has a great SOAR. The automation and orchestration module is highly mature. A lot of use cases are on user entity and behavioral analytics (UEBA), which is artificial intelligence and machine learning-based (AIML)."

More Splunk SOAR pros

Cons

"It is a good product, but its interface or GUI could be better."

"The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"

"I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."

"The documentation part is something that needs to be improved, as well as the threat intelligence investigation part."

"What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."

"It is complicated to collect daily logs from other systems."

"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."

"Log management could be better because transporting the log from a password to the client system takes time."

More Logpoint cons

"Unfortunately, not all of our analysts are iPhone users or iOS users. The mobile app is only supported on iOS. Our analysts who have Android do not have that benefit. That would be a nice thing to have so that we can have it across the board and not just for iOS."

"I haven't used it fully, but based on my usage, I could not find simulation tools and features. It currently lacks simulation features, which are important for me for creating a playbook. It is also very expensive for my region."

"We've run into a few minor issues. Some of the playbook writing is a bit complicated. We've had a few hiccups with the source control. We'd really like to use GitHub deployment keys for a dedicated account. We haven't been able to do that. I think those are some of the major ones."

"Portability is one thing that is currently lacking. The open-source product that I evaluated had portability. It would require a lot of development effort, but it will save the cost of rewriting all the playbooks."

"They can improve on what they are currently doing. They can provide more playbooks or at least template playbooks that are in their repository."

"have put a number of ideas on the ideas.splunk.com site for feature requests for the Splunk SOAR product. I posted one of them about three years ago, which finally got implemented in the latest release that just got announced, so the time to implement new features and things like that is a little bit concerning."

"We want to see improvements made to the APIs such that we can connect to many different systems and data sources."

"It could be easier to implement."

More Splunk SOAR cons

Pricing and Cost Advice

"LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."

"On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not very cheap compared to some of the cheaper products in the SIEM market."

"Our licensing fees are about $10,000 USD per month, which I think is fair."

"It's less expensive than the competitors. The Logpoint marketing team is very accommodating and client-friendly. They offer very good reductions in price. They are pretty good in this aspect. They are transparent in their licensing and pricing."

"For a hundred user deployment the cost is about $10,000. The next year it would be the same because it's a subscription-based license. There are separate costs as well, for example, if a customer asks for training for their staff."

"Logpoint's pricing is mid-ranged and depends on the number of devices."

"It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."

"It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."

More Logpoint pricing and cost advice

"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."

"We renewed it this year. This year was the first time there was a dramatic increase in the price. It was kind of non-negotiable. It was just a high increase. We had internal communications, and it was definitely a surprise to us. In a short time frame, we renewed it this year. Prices are going up everywhere, but they are not always justifiable, at least not to our eyes. The pricing this year was definitely a big shock."

"The licensing cost is reasonable."

"In my opinion, the price is high, but if you want good products, you have to be willing to pay for them."

"Splunk SOAR is more expensive compared to other options for SOAR."

"While I can't confirm the exact pricing, some colleagues have mentioned that Splunk SOAR may be on the costlier side."

"It's very overpriced because it is based on the number of users. There is no bulk licensing."

"The cost is high and the licensing is on an annual basis."

More Splunk SOAR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.

See recommendations

814,649 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

66%

Computer Software Company

Comms Service Provider

Manufacturing Company

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

11%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about LogPoint?

The solution is user-friendly.

See all answers

What is your experience regarding pricing and costs for LogPoint?

On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not ver...

See all answers

What needs improvement with LogPoint?

See all answers

What do you like most about Splunk Phantom?

Splunk SOAR's quick response to incidents is the most valuable part.

See all answers

What is your experience regarding pricing and costs for Splunk Phantom?

I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...

See all answers

What needs improvement with Splunk Phantom?

The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...

See all answers

Comparisons

IBM Security QRadar vs Logpoint

Compared 20% of the time

Wazuh vs Logpoint

Compared 19% of the time

Elastic Security vs Logpoint

Compared 16% of the time

Rapid7 InsightIDR vs Logpoint

Compared 7% of the time

Microsoft Sentinel vs Logpoint

Compared 7% of the time

More Logpoint Competitors

Cortex XSIAM vs Splunk SOAR

Compared 26% of the time

Palo Alto Networks Cortex XSOAR vs Splunk SOAR

Compared 20% of the time

ServiceNow Security Operations vs Splunk SOAR

Compared 8% of the time

Tines vs Splunk SOAR

Compared 8% of the time

Torq vs Splunk SOAR

Compared 7% of the time

More Splunk SOAR Competitors

Product Reports

Buyer's Guide

Logpoint

October 2024

Download Logpoint product report

Buyer's Guide

Splunk SOAR

October 2024

Download Splunk SOAR product report

Also Known As

No data available

Phantom

Learn More

Logpoint

Splunk

Overview

Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.

Benefits of Logpoint

Some of the benefits of using Logpoint include:

Unifies data logs: Logpoint creates a single system of classification for collected data. It makes it easy for users to search for and find data, which aids users when they are creating reports or alerts. Users can conserve resources while at the same time seeing a rise in the efficiency of their business operations.

Intuitive solution design: Logpoint is designed so that anyone can utilize all of its features, even if they are not an expert in network security. Logpoint’s UI is simple enough that users can utilize it without undergoing extensive training.

Highly flexible: Logpoint is designed so that users can scale it linearly to accommodate projects that are large and complex. This allows users to expand the scope of their projects according to their needs without worrying that their infrastructure won’t be able to handle the increase in size. The solution’s security features can be deployed both on the cloud and in a physical environment.

Simple role-based access security: Logpoint allows administrators to employ Microsoft’s active directory (AD) and a Lightweight Directory Access Protocol to manage user access. These can help administrators protect their systems from being abused or otherwise harmed by bad actors.

Reviews from Real Users

Logpoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. Logpoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up.

The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. Logpoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with Logpoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”

A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Sample Customers

AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...

Recorded Future, Blackstone

Buyer's Guide

Logpoint vs. Splunk SOAR

October 2024

Free Report: Logpoint vs. Splunk SOAR

Find out what your peers are saying about Logpoint vs. Splunk SOAR and other solutions. Updated: October 2024.

DOWNLOAD NOW

814,649 professionals have used our research since 2012.

See our Logpoint vs. Splunk SOAR report.

See our list of best Security Orchestration Automation and Response (SOAR) vendors.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.