We performed a comparison between AlienVault OSSIM and Logpoint based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The initial setup is very simple and straightforward."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"It's pretty powerful and its performance is pretty good."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The product can integrate with any device."
"Better than other SIEM solutions because almost everything can be integrated."
"The initial setup is straightforward."
"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"The product is easy to use."
"AlienVault OSSIM's GUI is very user-friendly."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"The initial setup was straightforward. I didn't have any problems."
"The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"Log collection, dashboards and reporting are good."
"The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The main advantage of Logpoint is the support service. They reply within ten minutes to an hour to our queries."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"I would like to see more AI used in processes."
"AlienVault OSSIM gives unwanted notifications."
"The solution needs more integration with cyber intelligence systems."
"The incidence reporting could be better."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"The price of this solution is very high and it could be cheaper."
"It's so hard to configure and explore something new on it."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"Logpoint is not flexible. Its documentation is not user-friendly."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"Dashboards could be developed further."
"LogPoint must find a way to integrate the servers without agents."
"It is a good product, but its interface or GUI could be better."
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 26 reviews while Logpoint is ranked 24th in Security Information and Event Management (SIEM) with 20 reviews. AlienVault OSSIM is rated 7.4, while Logpoint is rated 7.4. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Fortinet FortiSIEM, whereas Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, LogRhythm SIEM and Wazuh. See our AlienVault OSSIM vs. Logpoint report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.