LogPoint Review

Good technical support but it is complex to use and resource-heavy

What is our primary use case?

We use LogPoint for log collection. We have a specific use case around a system that was not able to provide this kind of correlation. However, we are going to get rid of the legacy platform within the year and will be moving away from LogPoint.

What is most valuable?

The most valuable feature is the log creating according to specific rules.

What needs improvement?

LogPoint is complex and we don't have the skills to maintain use cases or even to extend the use cases. Because of this, we are unable to take advantage of the SIEM platform. We need something more self-running, hosted, and automatically recognizes problems the way the AI platforms are providing.

The interface needs things like wizards that will assist with creating complex correlation rules.

The platform is very resource-demanding, although this is typical of SIEM solutions.

For how long have I used the solution?

We have been using LogPoint for three or four years.

What do I think about the stability of the solution?

We did have problems with stability in the past and we had one ticket that was open for a couple of months. It was due to their platform having trouble reading sources coming from different kinds of services.

What do I think about the scalability of the solution?

We are using LogPoint on a very small scale. I did some complex reports and it was working but it needed a lot of memory on the local server.

We have about 150 employees and there are two or three operators.

How are customer service and technical support?

Technical support is responsive and very friendly. We have no issues with that.

Which solution did I use previously and why did I switch?

I have a lot of experience with Splunk, Radar, ArcSight, and the EMC platform. All of them consume a lot of system resources.

We did not use another SIEM solution in-house prior to LogPoint, although we did do some management using Rapid7 technology.

How was the initial setup?

The initial setup was complex.

What's my experience with pricing, setup cost, and licensing?

Our licensing fees are about $10,000 USD per month, which I think is fair. The licensing fees include product enhancements, support, and it satisfies some mandatory regulatory aspects that we need to fulfill. We are also not taking full advantage of the capabilities, such as advanced analytics.

If we wanted to take full advantage of the capabilities then we would need to invest between $20,000 and $50,000 in consulting fees.

Which other solutions did I evaluate?

LogPoint was selected before I was in this position, so I was not part of the process. My understanding is that several products were considered but LogPoint was chosen because the price of the license was attractive.

At this point, we are thinking about moving to Darktrace.

What other advice do I have?

We are moving away from this solution and are looking for something automated, like Darktrace.

My advice for anybody who is implementing this solution is to first have a very clear understanding of the use cases, what you want to use it for, and what you want to report. 

Don't be afraid to look for a cloud-based solution, especially when it comes to SIEM products. It removes a lot of trouble related to internal servers and the complexity of accessing the SIEM from outside. If you have to implement your own MSA then I would suggest reconsidering any case of using an internal SIEM. Especially for smaller companies, this will provide much more value.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More LogPoint reviews from users
...who compared it with IBM QRadar
Learn what your peers think about LogPoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
509,820 professionals have used our research since 2012.
Add a Comment