Try our new research platform with insights from 80,000+ expert users

Logpoint vs Splunk SOAR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 8, 2024
 

Categories and Ranking

Logpoint
Ranking in Security Orchestration Automation and Response (SOAR)
14th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
21
Ranking in other categories
Log Management (24th), Security Information and Event Management (SIEM) (26th), User Entity Behavior Analytics (UEBA) (7th), Endpoint Detection and Response (EDR) (32nd)
Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
3rd
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
43
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Logpoint is 1.2%, up from 0.9% compared to the previous year. The mindshare of Splunk SOAR is 8.6%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Subhash Sreenivasan - PeerSpot reviewer
Roughly 800 to 1000 integrations available with various security products and applications and offers built-in SOAR capabilities
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investigating. But that, I think, maybe Logpoint can improve more. The threat investigations and reporting to the end-users can be improved. Logpoint can also come up with IR [incident response] capabilities. Other important SIEM solutions have some IR services. If I am an MSSP working with LogPoint for SIEM/SOAR solutions and I need immediate support, I should be able to get some support. It can be paid support, like SecureWorks, which has those kinds of functionalities. They will immediately get in and start working on helping us identify the threats, isolate them, and give us remedies to take care of and recover from any kind of attacks. Whereas in LogPoint, that functionality is missing. We will be on our own if something happens. We will get other support from them, but there's no paid support before taking ownership and helping us recover from those kinds of attacks. They have a kind of integration for AI, but the incident response capability is what they should improve.
Ryan Plas - PeerSpot reviewer
Offers playbook automation that helps reduce the manual and tedious work for users
When it comes to Splunk SOAR's ability to provide end-to-end visibility into our company's cloud-native environment, I would say that we are not using the cloud portions of it. I don't know if that's super relevant to what we are doing in our organization. I am 100 percent sure that Splunk SOAR helped reduce your mean time to resolve, but I don't have any metrics on hand but I know it has dramatically decreased. The tool has helped with the business resilience part. I think having it as a platform has been a solid portion of the product that we offer to people. Spunk SOAR has definitely saved my time in alert triage. When some of the tedious enrichment and lookup stuff happens, the analyst doesn't have to deal with such areas, and they can just jump in and see relevant data all in one pane of glass, which has been super helpful for speeding things up. The unified platform helps consolidate networking, security, and IT observability tools. The consolidation of tools impacts our organization as it just helps focus the SOC analyst on a single unified place to find information. It helps keep things streamlined and regular so they know where to look for certain stuff they want. It really helps people with training. It is a really easy tool to onboard people into because everything is right there in the product itself. The product is really great. I would love to see more SOAR innovation going into the tool, especially the on-premises version since it is what we use in our company. I feel the tool needs to encourage continuous improvements, but as a product itself, my company is really happy with the solution. I rate the tool an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The product is easy to use."
"In my experience with medium-sized operations, LogPoint's scalability is excellent, so I would rate it a ten out of ten."
"They basically charge you in a better way."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"Surprisingly, the mobile app is valuable because it is very convenient for our on-call analysts to respond and get alerted to security alerts and events wherever they are. We are able to harness the power of Splunk SOAR and everything that we are doing, and we are also able to alert our on-call analysts 24/7. From their mobile phone, they can respond to those alerts."
"Technical support is helpful."
"The product’s integration with other Splunk products is valuable."
"The product provides 100% automation for certain processes."
"Splunk SOAR's extensive library of pre-built integrations allows it to connect with a vast array of popular security and IT applications, streamlining workflows across our existing security stack."
"The most valuable feature of the solution is the playbook automation just because it allows us to reduce the manual actions that SOC has to handle."
"When you design a playbook, you can integrate multiple log sources and define rules... After that, the platform automatically compiles all these activities and, based on the results, the analyst only has to indicate whether the result is a true or false positive. That reduces the time and effort involved."
"I'm just a beginner on the solution and it's pretty easy for me to use."
 

Cons

"The interface needs things like wizards that will assist with creating complex correlation rules."
"Sometimes, the product is not stable."
"It is complicated to collect daily logs from other systems."
"Nowadays the trend is going towards the ransomware and the endpoint detection and response. So if they added something for that, that will be very, very good."
"The documentation part is something that needs to be improved, as well as the threat intelligence investigation part."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."
"It is a good product, but its interface or GUI could be better."
"The solution must provide more AIOps to improve predictability."
"While there have been improvements to the investigation process, particularly with the playbook data, the current log review method is cumbersome."
"It would be ideal for us if Splunk SOAR could integrate with Teams."
"Splunk SOAR should improve its ease of upgrade, which is a pain point for us right now."
"It could be easier to implement."
"There is a lot of room for improvement with the UI."
"I haven't had any issues with the solution so far."
"Splunk SOAR has room to improve its offering for small-sized customers. The price is not fair for smaller-sized customers."
 

Pricing and Cost Advice

"It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."
"Logpoint's pricing is mid-ranged and depends on the number of devices."
"My company used to pay for LogPoint costs annually. It's a cost-effective solution. I'm not part of the Finance team, though, so I'm not sure exactly what the licensing fee is or what license my company had."
"It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."
"It's less expensive than the competitors. The Logpoint marketing team is very accommodating and client-friendly. They offer very good reductions in price. They are pretty good in this aspect. They are transparent in their licensing and pricing."
"It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."
"Our licensing fees are about $10,000 USD per month, which I think is fair."
"For a hundred user deployment the cost is about $10,000. The next year it would be the same because it's a subscription-based license. There are separate costs as well, for example, if a customer asks for training for their staff."
"The tool is not cheap."
"Splunk SOAR is more expensive compared to other options for SOAR."
"While I can't confirm the exact pricing, some colleagues have mentioned that Splunk SOAR may be on the costlier side."
"It's very overpriced because it is based on the number of users. There is no bulk licensing."
"I don't know the exact price, but for my region, it is very expensive."
"Splunk SOAR is an expensive solution for an organization of our size."
"The licensing cost is reasonable."
"I found the price of Splunk SOAR to be good."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
824,106 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
67%
Computer Software Company
8%
Comms Service Provider
4%
Manufacturing Company
3%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
12%
Government
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for LogPoint?
On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not ver...
What needs improvement with LogPoint?
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investig...
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
What is your experience regarding pricing and costs for Splunk Phantom?
I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...
What needs improvement with Splunk Phantom?
The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...
 

Comparisons

 

Also Known As

No data available
Phantom
 

Learn More

 

Overview

 

Sample Customers

AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
Recorded Future, Blackstone
Find out what your peers are saying about Logpoint vs. Splunk SOAR and other solutions. Updated: December 2024.
824,106 professionals have used our research since 2012.