LogLogic Review

I've evaluated Splunk and IBM Q1 but LogLogic is the best choice for log management. SIEM functionality needs improvement.


What is most valuable?

You can collect almost any type of log from almost any platform or source. Documentation is extensive with excellent cookbooks. Implementation is very simple and fast. GUI is very intuitive. Platform is stable (max uptime is almost 2Y).

How has it helped my organization?

Response to problems was significantly faster. We quickly discovered the cause of the problem and also we have wasted less time on periodic reporting for auditors.

What needs improvement?

Definitely SIEM – other vendors have gone a lot further in developing SIEM functionality and made a lot more in this area.

For how long have I used the solution?

MX3020, SEM 1060 and EVA appliance

What was my experience with deployment of the solution?

No. Deployment was fast & simple. In one word - straightforward.

What do I think about the stability of the solution?

I believe that the uptime of almost two years is a sufficient indication of how stable this platform is (it would be even longer if we had not rebooted the device due to the installation of new versions of the OS).

What do I think about the scalability of the solution?

Scalability is more than sufficient – HA clustering, replication, management platform, wide range of device models.

How are customer service and technical support?

Customer Service:

Personally I have not had much to do with them but I was pleased with them.

Technical Support:

Technical support for LogLogic in Europe is great. These people have extensive and diverse knowledge, and they are quick to answer with precise technical explanations.

Which solution did I use previously and why did I switch?

No, but I have tested other solutions from other vendors and there is always something missing (Symantec, Splunk).

How was the initial setup?

It was surprisingly straightforward. After setting up network and initial parameters, the only thing that remains is to redirect logs from source to appliance. All supported log types are automatically recognized and that was great! Altogether that’s about two hours of work.

What about the implementation team?

Implementation was done in-house. In some more complex situations (integration with OS400) I contacted LogLogic support.

What's my experience with pricing, setup cost, and licensing?

Original setup cost is a few days. Day to day cost of using this product is approximately less than one day per month to check reports, apply changes and prepare reports for the auditors. Also some of those reports are automated so the relevant employers receive reports on their emails.

Which other solutions did I evaluate?

Yes, I have also evaluated Splunk, Symantec, and Q1.

What other advice do I have?

If you are searching for a log management solution, LogLogic is probably the best choice. The SIEM functionality is not at that level, and I suggest instead to choose another SIEM solution (e.g. IBM Q1). In my experience, a good practice is to separate log management from SIEM in a way that they are two separate systems.


Disclosure: I am a real user, and this review is based on my own experience and opinions.
