Logpoint Reviews

I'm using LogPoint as a commercial product. My company uses LogPoint for data aggregation, which is also used for creating custom use cases based on organizational leads. Then, my company triggers and escalates to the IT team responsible for solving loopholes and problems seen via LogPoint.

What I like best about LogPoint is its cost-effectiveness compared to other solutions.

LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets. For example, if you have some servers. DMZs, or different types of servers, such as core banking servers, you can apply the use cases to the targeted groups or the whole system.

What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated. For example, it lacks color. IBM QRadar and LogRhythm have better UI than LogPoint. The solution needs a custom dashboard feature to make it better.

LogPoint also needs to improve its network hierarchy diagram. You can't create the whole network diagram if you have the entire subnet system of your server form or your DMZs. This means that in LogPoint, it's pretty difficult to visualize the network hierarchy diagrams, so this is another area for improvement in the solution.

Handling multiple types of logs also has room for improvement in LogPoint. Sometimes, it discards logs, and it has difficulty processing various logs.

An additional feature I'd like the product to have in its next release is the multiple log processing feature.

I've used LogPoint for two years, but the last time I used the solution was more than six months ago.

There were some glitches in LogPoint, so it wasn't as stable. For example, if we exceed our EPS, or if there are data not normalized by the editor, or logs generated by assets that LogPoint doesn't normalize, those logs won't be processed.

LogPoint can't handle multiple types of logs. For example, for IAS servers that generate various kinds of logs, such as system and security logs, at some point, LogPoint still needs to manage and understand the different logs. Sometimes, the solution discards the logs. This is why we moved to LogRhytm.

I opened some tickets with LogPoint support when I was still using the product. It was easy to open tickets and connect with the LogPoint support team. The higher level team, the L2 group, was quite competitive, but the lower level team, the L1, needed work because the L1 staff sometimes failed to understand my problems with LogPoint.

The L1 support team usually escalates the issues to the L2 support team, so the level of escalations in LogPoint is higher than in IBM QRadar.

The IBM QRadar L1 team is more competitive than the LogPoint L1 team.

I feel that LogPoint has outsourced L1 issues. That should be done in-house.

On a scale of one to five, I rate LogPoint technical support as two.

I've suspended using LogPoint because I shifted to LogRhythm. I'm now using LogRhythm because it's more user-friendly with a better UI than what LogPoint has. LogPoint also can't handle multiple log types. Though LogPoint is cost-friendly, LogRhythm provides features that both LogPoint and IBM QRadar and other solutions can't offer.

The initial setup for LogPoint is pretty straightforward. It's relatively easy to learn and understand, especially for small organizations. I belong to a small organization that can't afford more expensive products. You won't see LogPoint in review site scoreboards, for example, in Gartner, and the product isn't found under Leaders and Visionaries, but it's still quite effective. It's comparable to going for open-source systems.

Deploying LogPoint was relatively easy. I've been deploying it for a long time. The process is easy, but it's based on how many systems you need to connect to LogPoint. For example, my company has more than fifty assets that need to be integrated with LogPoint, so that could take some time, though the deployment process is much easier. I was able to deploy it within one hour, though.

LogPoint was implemented in-house. I also did some of the implementations, which was relatively easy.

My company used to pay for LogPoint costs annually. It's a cost-effective solution.

I'm not part of the Finance team, though, so I'm not sure exactly what the licensing fee is or what license my company had.

I've evaluated IBM QRadar and LogRhythm.

I have experience with IBM QRadar for more than three years. I also have experience with LogPoint. I've used LogRhythm as well for more than two years now.

My company is a partner of LogPoint, but first, it was a vendor, then it became a partner that collectively collaborated with LogPoint, recommending LogPoint seminars to customers.

Fifty percent of people in the organization use LogPoint, mostly security engineers. One person can handle the maintenance for LogPoint, specifically for a small organization.

As I've not used LogPoint in the last four to six months, I'm no longer updated on what changes were made to the product. If LogPoint works much better for you, then I'd recommend it. Still, if you're considering the product commercially, it's better to go with another solution that works better, with fewer issues, at least from a smaller organization standpoint.

My rating for LogPoint is four out of ten. I didn't give it a higher mark because it needs to improve in several areas, including the GUI, network hierarchy diagrams, and log optimization.

We're a health care organization and we had a specific case where LogPoint was able to help develop a special collector for an earlier version of our storage system, where we had issues with migration. Some files were missing when we migrated to the new system, and we had trouble finding out why. LogPoint was very helpful in designing some drivers which could collect the log data, so we could identify the problem. We're customers of LogPoint and I'm a security consultant.

The most valuable features for us have been the log collection, dashboards, and reporting.

My issues with the product are mainly with regard to how it handles collecting logs. I'm currently thinking about implementing a new lever feature.

Additional features I'd like to see would be standard help features in developing dashboards and reports, and some of the alerts you can setup.

I've been using this solution for 10 years. 

This is a stable solution. 

This is a scalable solution and we're currently expanding. We have 10 users but hoping to expand to 100. 

The technical support is comprehensive, but you have the same issues as every company that uses India as a support center. 

I believe the initial setup was straightforward but there have been some issues with some of the vendors we are using such as Dell EMC Isilon storage systems. They have a very cool setup for sending logs to a log management system.

I would advise people to be aware of their needs, and test some specific use cases, so that you get the benefits from the start, because you don't gain anything out of a SIEM system, if you don't have the right amount of data, from the right sources.

I would rate this product an eight out of 10. I'm Danish so nobody gets a 10! There's always room for improvement. 

We have certain vendors, and our work is to deploy the SIEM solution.

We like the user and entity behaviour analytics (UEBA) and find it valuable. The interface is also user-friendly and good.

Log management could be better because transporting the log from a password to the client system takes time.

We have been using this solution for six months, and we are using the latest version.

I rate the stability a nine out of ten.

I rate the scalability a nine out of ten. We have over 50,000 people using this solution.

I rate the technical support an eight out of ten.

We didn't use another solution before LogPoint.

I rate the setup an eight out of ten. The solution is deployed on cloud, and it takes a few hours to deploy with a team of five people made up of some engineers.

There is a good ROI monetarily. We have seen approximately a 40% ROI.

I rate the pricing an eight out of ten because it is quite expensive. There are no additional costs that I know of.

I rate this solution a nine out of ten. It is a good product, and while it has complex security, it has many features.

It's a product that will get the job done as a simple version of a SIEM or an advanced logger, and the price makes it a very competitive product.

LogPoint is a good logger. It's a product that you can get up and running in a few hours. It's fast.

As LogPoint is fairly new, it is swamped with small and fairly large problems. Most of these are eventually fixed by patches or by manually editing the system.

Also, they need to listen more to the technical users to evolve this to a real SIEM and not "SIEM but different".

Yes. As the product is fairly new, they do have some problems with stability.

The syslog_collector service needs some work.

The ODBC_Fetcher needs a lot of work and they do have other problems.

This is something that LogPoint is good at. It's very modular so it's very forgiving if you have the need to change something.

Customer Service:

This is a HUGE problem. Their customer service is getting better, but sometimes it can take several days before I even got a first reply on a critical error.

Technical Support:

As I worked a lot with them and they are not that many, their technical competence and ways to attack a problem differ greatly. A few have a 7/10 skill and some have a 10/10 skill.

There are no levels of support, and if they can't help, R&D had to get involved.

The common thing they all have is a 3/10 English skill and this is a problem. I'm not saying I'm 10/10, but this made it very difficult and there were many misunderstandings.

We used a different solution, and we switched because of the price.

At first glance, LogPoint is easy to set up. But when you lift the hood, this is where problems start and the learning curve is very steep.

I am a certified LogPoint Technical Specialist, and I had help from colleagues who are also certified, LogPoint support, and the local sales engineer.

Price and licensing are very good and simple, but they have been known to change it.

Yes, we evaluated some of the larger SIEM software solutions.

Even if I bash a lot on LogPoint, I must say that it's a "bang for the buck" product. Yes, they do have a lot of problems, they will paint the landscape as the perfect world, and they will say "Yes" to a lot of questions, some of which may work and some of which may not.

If you understand your needs, if you know the size of your wallet, and talk to someone who knows this product and understands its limitations, this can be a good enough solution for you.

On a high-level, we primarily use the solution for creating security operation centers.

The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution.

It's also very user-friendly.

The solution should offer more integrations with third-party solutions, like incident response platforms, or allow access to third-party big data.

The solution is stable.

The solution is scalable.

The initial setup is straightforward. Deployment takes about one month, but it depends on the scope of the project.

We are a reseller, so we recommend a variety of solutions, including this one, to our clients.

I really like the solution's licensing model. It's very useful.

I would rate this solution eight out of ten. I would recommend it to others.