Logpoint Reviews

Logpoint works as a SIEM system. It provides SOAR functionality as well. It helps clients with users' endpoint behavior analysis.

The product's pricing is based on the number of devices instead of the Event Per Second model like other competitors. It has in-built SOAR functionality; we don't buy a separate solution. The main advantage of Logpoint is the support service. They reply within ten minutes to an hour to our queries. They provide free-of-cost service for routing and other processes, whereas other vendors charge extra costs for it.

We encounter difficulties for the product's micro deployment regarding integration with other systems. It is complicated to collect daily logs from other systems like QRadar and LogRhythm. Our customers are unable to install agents on the endpoint to send the logs. 

We have been reselling Logpoint for more than five years. At present, we are providing the latest version.

I rate Logpoint's stability an eight. We face disruptions while collecting insights.

It is a very modular system. We can quickly scale it horizontally and vertically. It has high availability. Around 70% of customers for the product are small businesses.

The product is straightforward to install as we already have a system snapshot. We downloaded the VMware template and changed the server's admin passwords, time zone, and hostname. It requires an hour to complete. I rate the process a ten out of ten.

Logpoint's pricing is mid-ranged and depends on the number of devices. There are extra costs included if you want to buy additional modules. Also, you can purchase a subscription for 24/7 support services apart from standard 12-hour support services.

LogPoint should provide comprehensive comparison tables similar to QRadar. It shows very general insights.

I rate Logpoint an eight out of ten.

The primary use case is standard compliance to help the user's ability to navigate PCI DSS compliance or GDPR compliance. Besides that, if a user needs to do the log collection and correlation, the solution makes it easy.

The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report. I understand that you can't define the custom reporting features, however.

Overall, the platform has a very good dashboard and a nice correlation engine as well.

Nowadays the trend is going towards ransomware and endpoint detection and response. So if they added something for that, that would be very useful. Plus, there is a trend towards store technology for security orchestration and automated response. That would reduce the workload and the product would be more mature, in terms of information. They should also work on better integration.

The solution is quite stable as long as your server and the hardware is supporting it because it is a virtual kind of software solution. So the software depends on the hardware. If your hardware is supporting it, obviously the solution will be stable. Once you install it, you don't have to worry about it.

Scalability wise, if you are expanding the scope of the SSI devices, you just need to add the number of endpoints or number of servers, and licenses. 

We found technical support very good. But to be very honest, we did not come across any major issue as of yet. If there's that something that we cannot solve ourselves completely, then we are totally reliant on them.

We are the resellers for multiple solutions, so we don't only sell LogPoint. It is a solution we pitch to our smaller customers.

The initial setup was straightforward. Usually, we can deploy the solution within three days. We usually take two days and keep an extra day for a buffer, just for fine-tuning some policies and things like that. For a small deployment, one person is enough.

For the first two deployments, we did have help. After that, we did not need it because there is direct support from LogPoint. We can use tickets and get help if necessary.

As long as the solution is working, and you are in compliance with all the internal audit policies, you will see a return on investment. 

The licensing structure is super. It's not like other complex environments. They work on the EPS or MPS, but they also work on a number of devices. It's very straightforward. They have a different pricing structure for the lighter devices, so that makes it a very cost-effective solution.

For a hundred user deployment the cost is about $10,000. The next year it would be the same because it's a subscription-based license. There are separate costs as well, for example, if a customer asks for training for their staff. 

We are a reseller of the solution.

I would recommend the solution. Go with the trial version and evaluate it first, because individual tastes may differ. I'm not the end-user, I'm the reseller. We have managed to meet the customer's requirements for adhering to their compliance or getting the solution onboard to their satisfaction. In the end, however, when an end-user uses the solution, they will ultimately have a clearer idea about the pitfalls or upsides of it.

I would rate the solution eight out of ten.

We use the solution for SIEM and SOAR.

The product is easy to use. It provides unlimited EPS.

Sometimes, the product is not stable.

I have been using the solution for more than five years.

There are some bugs. I think the newer version will not have such issues.

The tool is scalable.

Support is very good.

Neutral

I have used IBM QRadar. One of the main reasons why we switched to Logpoint was cost.

We took a month to deploy the solution.

The product should provide a perpetual license.

We evaluated FortiSIEM. We chose Logpoint because it was technically sound.

Overall, I rate the tool a seven out of ten.

It's a product that will get the job done as a simple version of a SIEM or an advanced logger, and the price makes it a very competitive product.

LogPoint is a good logger. It's a product that you can get up and running in a few hours. It's fast.

As LogPoint is fairly new, it is swamped with small and fairly large problems. Most of these are eventually fixed by patches or by manually editing the system.

Also, they need to listen more to the technical users to evolve this to a real SIEM and not "SIEM but different".

Yes. As the product is fairly new, they do have some problems with stability.

The syslog_collector service needs some work.

The ODBC_Fetcher needs a lot of work and they do have other problems.

This is something that LogPoint is good at. It's very modular so it's very forgiving if you have the need to change something.

Customer Service:

This is a HUGE problem. Their customer service is getting better, but sometimes it can take several days before I even got a first reply on a critical error.

Technical Support:

As I worked a lot with them and they are not that many, their technical competence and ways to attack a problem differ greatly. A few have a 7/10 skill and some have a 10/10 skill.

There are no levels of support, and if they can't help, R&D had to get involved.

The common thing they all have is a 3/10 English skill and this is a problem. I'm not saying I'm 10/10, but this made it very difficult and there were many misunderstandings.

We used a different solution, and we switched because of the price.

At first glance, LogPoint is easy to set up. But when you lift the hood, this is where problems start and the learning curve is very steep.

I am a certified LogPoint Technical Specialist, and I had help from colleagues who are also certified, LogPoint support, and the local sales engineer.

Price and licensing are very good and simple, but they have been known to change it.

Yes, we evaluated some of the larger SIEM software solutions.

Even if I bash a lot on LogPoint, I must say that it's a "bang for the buck" product. Yes, they do have a lot of problems, they will paint the landscape as the perfect world, and they will say "Yes" to a lot of questions, some of which may work and some of which may not.

If you understand your needs, if you know the size of your wallet, and talk to someone who knows this product and understands its limitations, this can be a good enough solution for you.

We have certain vendors, and our work is to deploy the SIEM solution.

We like the user and entity behaviour analytics (UEBA) and find it valuable. The interface is also user-friendly and good.

Log management could be better because transporting the log from a password to the client system takes time.

We have been using this solution for six months, and we are using the latest version.

I rate the stability a nine out of ten.

I rate the scalability a nine out of ten. We have over 50,000 people using this solution.

I rate the technical support an eight out of ten.

We didn't use another solution before LogPoint.

I rate the setup an eight out of ten. The solution is deployed on cloud, and it takes a few hours to deploy with a team of five people made up of some engineers.

There is a good ROI monetarily. We have seen approximately a 40% ROI.

I rate the pricing an eight out of ten because it is quite expensive. There are no additional costs that I know of.

I rate this solution a nine out of ten. It is a good product, and while it has complex security, it has many features.

On a high-level, we primarily use the solution for creating security operation centers.

The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution.

It's also very user-friendly.

The solution should offer more integrations with third-party solutions, like incident response platforms, or allow access to third-party big data.

The solution is stable.

The solution is scalable.

The initial setup is straightforward. Deployment takes about one month, but it depends on the scope of the project.

We are a reseller, so we recommend a variety of solutions, including this one, to our clients.

I really like the solution's licensing model. It's very useful.

I would rate this solution eight out of ten. I would recommend it to others.