LogLogic Review

I've evaluated Splunk and IBM Q1 but LogLogic is the best choice for log management. SIEM functionality needs improvement.

Valuable Features

You can collect almost any type of log from almost any platform or source. Documentation is extensive with excellent cookbooks. Implementation is very simple and fast. GUI is very intuitive. Platform is stable (max uptime is almost 2Y).

Improvements to My Organization

Response to problems was significantly faster. We quickly discovered the cause of the problem, and we have also wasted less time on periodic reporting for auditors.

Room for Improvement

Definitely SIEM – other vendors have gone a lot further in developing SIEM functionality and made a lot more in this area.

Use of Solution

MX3020, SEM 1060 and EVA appliance

Deployment Issues

No. Deployment was fast & simple. In one word - straightforward.

Stability Issues

I believe that the uptime of almost two years is a sufficient indication of how stable this platform is (it would be even longer if we had not rebooted the device due to the installation of new versions of the OS).

Scalability Issues

Scalability is more than sufficient – HA clustering, replication, management platform, wide range of device models.

Customer Service and Technical Support

Customer Service:

Personally I have not had much to do with them but I was pleased with them.

Technical Support:

Technical support for LogLogic in Europe is great. These people have extensive and diverse knowledge, and they are quick to answer with precise technical explanations.

Previous Solutions

No, but I have tested other solutions from other vendors and there is always something missing (Symantec, Splunk).

Initial Setup

It was surprisingly straightforward. After setting up network and initial parameters, the only thing that remains is to redirect logs from source to appliance. All supported log types are automatically recognized and that was great! Altogether that’s about two hours of work.

Implementation Team

Implementation was done in-house. In some more complex situations (integration with OS400) I contacted LogLogic support.

Pricing, Setup Cost and Licensing

Original setup cost is a few days. Day to day cost of using this product is approximately less than one day per month to check reports, apply changes and prepare reports for the auditors. Also some of those reports are automated so the relevant employers receive reports on their emails.

Other Solutions Considered

Yes, I have also evaluated Splunk, Symantec, and Q1.

Other Advice

If you are searching for a log management solution, LogLogic is probably the best choice. The SIEM functionality is not at that level, and I suggest instead to choose another SIEM solution (e.g. IBM Q1). In my experience, a good practice is to separate log management from SIEM in a way that they are two separate systems.

Disclosure: I am a real user, and this review is based on my own experience and opinions.