I'm using LogPoint as a commercial product. My company uses LogPoint for data aggregation, which is also used for creating custom use cases based on organizational leads. Then, my company triggers and escalates to the IT team responsible for solving loopholes and problems seen via LogPoint.
SOC Analyst at a comms service provider with 201-500 employees
Cost-effective and has better dashboards and a good use case creation feature, but its UI needs to be user-friendly, and it needs to be better in processing multiple logs
Pros and Cons
- "What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
- "What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."
What is our primary use case?
What is most valuable?
What I like best about LogPoint is its cost-effectiveness compared to other solutions.
LogPoint also has better dashboards, which I find valuable. I also like that you can create use cases based on your assets. For example, if you have some servers, DMZs, or different types of servers, such as core banking servers, you can apply the use cases to the targeted groups or the whole system.
What needs improvement?
What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated. For example, it lacks color. IBM QRadar and LogRhythm have better UI than LogPoint. The solution needs a custom dashboard feature to make it better.
LogPoint also needs to improve its network hierarchy diagram. You can't create the whole network diagram if you have the entire subnet system of your server farm or your DMZs. This means that in LogPoint, it's pretty difficult to visualize the network hierarchy diagrams, so this is another area for improvement in the solution.
Handling multiple types of logs also has room for improvement in LogPoint. Sometimes, it discards logs, and it has difficulty processing various logs.
An additional feature I'd like the product to have in its next release is the multiple log processing feature.
For how long have I used the solution?
I've used LogPoint for two years, but the last time I used the solution was more than six months ago.
Buyer's Guide
Logpoint
November 2024
Learn what your peers think about Logpoint. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
There were some glitches in LogPoint, so it wasn't as stable. For example, if we exceed our EPS, or if there are data not normalized by the editor, or logs generated by assets that LogPoint doesn't normalize, those logs won't be processed.
LogPoint can't handle multiple types of logs. For example, for IAS servers that generate various kinds of logs, such as system and security logs, at some point, LogPoint still needs to manage and understand the different logs. Sometimes, the solution discards the logs. This is why we moved to LogRhythm.
How are customer service and support?
I opened some tickets with LogPoint support when I was still using the product. It was easy to open tickets and connect with the LogPoint support team. The higher level team, the L2 group, was quite competitive, but the lower level team, the L1, needed work because the L1 staff sometimes failed to understand my problems with LogPoint.
The L1 support team usually escalates the issues to the L2 support team, so the level of escalations in LogPoint is higher than in IBM QRadar.
The IBM QRadar L1 team is more competitive than the LogPoint L1 team.
I feel that LogPoint has outsourced L1 issues. That should be done in-house.
On a scale of one to five, I rate LogPoint technical support as two.
Which solution did I use previously and why did I switch?
I've suspended using LogPoint because I shifted to LogRhythm. I'm now using LogRhythm because it's more user-friendly with a better UI than what LogPoint has. LogPoint also can't handle multiple log types. Though LogPoint is cost-friendly, LogRhythm provides features that both LogPoint and IBM QRadar and other solutions can't offer.
How was the initial setup?
The initial setup for LogPoint is pretty straightforward. It's relatively easy to learn and understand, especially for small organizations. I belong to a small organization that can't afford more expensive products. You won't see LogPoint in review site scoreboards, for example, in Gartner, and the product isn't found under Leaders and Visionaries, but it's still quite effective. It's comparable to going for open-source systems.
Deploying LogPoint was relatively easy. I've been deploying it for a long time. The process is easy, but it's based on how many systems you need to connect to LogPoint. For example, my company has more than fifty assets that need to be integrated with LogPoint, so that could take some time, though the deployment process is much easier. I was able to deploy it within one hour, though.
What about the implementation team?
LogPoint was implemented in-house. I also did some of the implementations, which was relatively easy.
What's my experience with pricing, setup cost, and licensing?
My company used to pay for LogPoint costs annually. It's a cost-effective solution.
I'm not part of the Finance team, though, so I'm not sure exactly what the licensing fee is or what license my company had.
Which other solutions did I evaluate?
I've evaluated IBM QRadar and LogRhythm.
What other advice do I have?
I have experience with IBM QRadar for more than three years. I also have experience with LogPoint. I've used LogRhythm as well for more than two years now.
My company is a partner of LogPoint, but first, it was a vendor, then it became a partner that collectively collaborated with LogPoint, recommending LogPoint seminars to customers.
Fifty percent of people in the organization use LogPoint, mostly security engineers. One person can handle the maintenance for LogPoint, specifically for a small organization.
As I've not used LogPoint in the last four to six months, I'm no longer updated on what changes were made to the product. If LogPoint works much better for you, then I'd recommend it. Still, if you're considering the product commercially, it's better to go with another solution that works better, with fewer issues, at least from a smaller organization standpoint.
My rating for LogPoint is four out of ten. I didn't give it a higher mark because it needs to improve in several areas, including the GUI, network hierarchy diagrams, and log optimization.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Security Consultant at a government with 10,001+ employees
Enables ability to design drivers for log data collection which has improved efficiency
Pros and Cons
- "Log collection, dashboards and reporting are good."
- "Dashboards could be developed further."
What is our primary use case?
We're a health care organization and we had a specific case where LogPoint was able to help develop a special collector for an earlier version of our storage system, where we had issues with migration. Some files were missing when we migrated to the new system, and we had trouble finding out why. LogPoint was very helpful in designing some drivers which could collect the log data, so we could identify the problem. We're customers of LogPoint and I'm a security consultant.
What is most valuable?
The most valuable features for us have been the log collection, dashboards, and reporting.
What needs improvement?
My issues with the product are mainly with regard to how it handles collecting logs. I'm currently thinking about implementing a new lever feature.
Additional features I'd like to see would be standard help features in developing dashboards and reports, and some of the alerts you can set up.
For how long have I used the solution?
I've been using this solution for 10 years.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
This is a scalable solution and we're currently expanding. We have 10 users but are hoping to expand to 100.
How are customer service and technical support?
The technical support is comprehensive, but you have the same issues as every company that uses India as a support center.
How was the initial setup?
I believe the initial setup was straightforward but there have been some issues with some of the vendors we are using such as Dell EMC Isilon storage systems. They have a very cool setup for sending logs to a log management system.
What other advice do I have?
I would advise people to be aware of their needs, and test some specific use cases, so that you get the benefits from the start, because you don't gain anything out of a SIEM system, if you don't have the right amount of data, from the right sources.
I would rate this product an eight out of 10. I'm Danish so nobody gets a 10! There's always room for improvement.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Analyst at a tech services company with 11-50 employees
Great user and entity behaviour analytics with a user-friendly interface
Pros and Cons
- "We like the user and entity behaviour analytics (UEBA) and find it valuable."
- "Log management could be better because transporting the log from a password to the client system takes time."
What is our primary use case?
We have certain vendors, and our work is to deploy the SIEM solution.
What is most valuable?
We like the user and entity behaviour analytics (UEBA) and find it valuable. The interface is also user-friendly and good.
What needs improvement?
Log management could be better because transporting the log from a password to the client system takes time.
For how long have I used the solution?
We have been using this solution for six months, and we are using the latest version.
What do I think about the stability of the solution?
I rate the stability a nine out of ten.
What do I think about the scalability of the solution?
I rate the scalability a nine out of ten. We have over 50,000 people using this solution.
How are customer service and support?
I rate the technical support an eight out of ten.
Which solution did I use previously and why did I switch?
We didn't use another solution before LogPoint.
How was the initial setup?
I rate the setup an eight out of ten. The solution is deployed on cloud, and it takes a few hours to deploy with a team of five people made up of some engineers.
What was our ROI?
There is a good ROI monetarily. We have seen approximately a 40% ROI.
What's my experience with pricing, setup cost, and licensing?
I rate the pricing an eight out of ten because it is quite expensive. There are no additional costs that I know of.
What other advice do I have?
I rate this solution a nine out of ten. It is a good product, and while it has complex security, it has many features.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Security Professional with 501-1,000 employees
It's a product that you can get up and running in a few hours. As it's fairly new, it is swamped with small and fairly large problems.
How has it helped my organization?
It's a product that will get the job done as a simple version of a SIEM or an advanced logger, and the price makes it a very competitive product.
What is most valuable?
LogPoint is a good logger. It's a product that you can get up and running in a few hours. It's fast.
What needs improvement?
As LogPoint is fairly new, it is swamped with small and fairly large problems. Most of these are eventually fixed by patches or by manually editing the system.
Also, they need to listen more to the technical users to evolve this to a real SIEM and not "SIEM but different".
What do I think about the stability of the solution?
Yes. As the product is fairly new, they do have some problems with stability.
The syslog_collector service needs some work.
The ODBC_Fetcher needs a lot of work and they do have other problems.
What do I think about the scalability of the solution?
This is something that LogPoint is good at. It's very modular so it's very forgiving if you have the need to change something.
How are customer service and technical support?
Customer Service:
This is a HUGE problem. Their customer service is getting better, but sometimes it can take several days before I even get a first reply on a critical error.
Technical Support:
As I worked a lot with them and they are not that many, their technical competence and ways to attack a problem differ greatly. A few have a 7/10 skill and some have a 10/10 skill.
There are no levels of support, and if they can't help, R&D has to get involved.
The common thing they all have is a 3/10 English skill and this is a problem. I'm not saying I'm 10/10, but this made it very difficult and there were many misunderstandings.
Which solution did I use previously and why did I switch?
We used a different solution, and we switched because of the price.
How was the initial setup?
At first glance, LogPoint is easy to set up. But when you lift the hood, this is where problems start and the learning curve is very steep.
What about the implementation team?
I am a certified LogPoint Technical Specialist, and I had help from colleagues who are also certified, LogPoint support, and the local sales engineer.
What's my experience with pricing, setup cost, and licensing?
Price and licensing are very good and simple, but they have been known to change it.
Which other solutions did I evaluate?
Yes, we evaluated some of the larger SIEM software solutions.
What other advice do I have?
Even if I bash a lot on LogPoint, I must say that it's a "bang for the buck" product. Yes, they do have a lot of problems, they will paint the landscape as the perfect world, and they will say "Yes" to a lot of questions, some of which may work and some of which may not.
If you understand your needs, if you know the size of your wallet, and talk to someone who knows this product and understands its limitations, this can be a good enough solution for you.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Architect at a tech services company with 51-200 employees
A user friendly solution that is scalable and very straightforward to set up
Pros and Cons
- "The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution."
- "The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"
What is our primary use case?
On a high-level, we primarily use the solution for creating security operation centers.
What is most valuable?
The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution.
It's also very user-friendly.
What needs improvement?
The solution should offer more integrations with third-party solutions, like incident response platforms, or allow access to third-party big data.
For how long have I used the solution?
I have been reselling the solution for one year.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
How was the initial setup?
The initial setup is straightforward. Deployment takes about one month, but it depends on the scope of the project.
What other advice do I have?
We are a reseller, so we recommend a variety of solutions, including this one, to our clients.
I really like the solution's licensing model. It's very useful.
I would rate this solution eight out of ten. I would recommend it to others.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.