What is our primary use case?
We're a health care organization and we had a specific case where LogPoint was able to help develop a special collector for an earlier version of our storage system, where we had issues with migration. Some files were missing when we migrated to the new system, and we had trouble finding out why. LogPoint was very helpful in designing some drivers which could collect the log data, so we could identify the problem. We're customers of LogPoint and I'm a security consultant.
What is most valuable?
The most valuable features for us have been the log collection, dashboards, and reporting.
What needs improvement?
My issues with the product are mainly with regard to how it handles collecting logs. I'm currently thinking about implementing a new lever feature.
Additional features I'd like to see would be standard help features in developing dashboards and reports, and some of the alerts you can setup.
For how long have I used the solution?
I've been using this solution for 10 years.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
This is a scalable solution and we're currently expanding. We have 10 users but hoping to expand to 100.
How are customer service and technical support?
The technical support is comprehensive, but you have the same issues as every company that uses India as a support center.
How was the initial setup?
I believe the initial setup was straightforward but there have been some issues with some of the vendors we are using such as Dell EMC Isilon storage systems. They have a very cool setup for sending logs to a log management system.
What other advice do I have?
I would advise people to be aware of their needs, and test some specific use cases, so that you get the benefits from the start, because you don't gain anything out of a SIEM system, if you don't have the right amount of data, from the right sources.
I would rate this product an eight out of 10. I'm Danish so nobody gets a 10! There's always room for improvement.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?