We performed a comparison between Logpoint and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI-based analytics are excellent."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"Log collection, dashboards and reporting are good."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"They basically charge you in a better way."
"The solution's user interface is quite simple, and the integration is better than other products."
"The product is easy to use."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution."
"It's extremely easy to deploy."
"The most valuable feature of this solution is the visibility into both attempted and failed logins."
"The most valuable feature is the ease of use for the end user."
"SolarWinds Security Event Manager has been generally working well."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"The most valuable feature is the reporting."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The troubleshooting has room for improvement."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Dashboards could be developed further."
"LogPoint must find a way to integrate the servers without agents."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"There is no correlation made between log entries, so no threat information is presented."
"We'd like more customization capabilities."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"There are no multiple dashboards which would allow you to see information side-by-side."
"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."
More SolarWinds Security Event Manager Pricing and Cost Advice →
Logpoint is ranked 26th in Security Information and Event Management (SIEM) with 20 reviews while SolarWinds Security Event Manager is ranked 20th in Security Information and Event Management (SIEM) with 24 reviews. Logpoint is rated 7.4, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, Wazuh and ArcSight Enterprise Security Manager (ESM), whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Wazuh and Fortinet FortiSIEM. See our Logpoint vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.