TrustRadius

Overview

What is LogPoint?

LogPoint detects, analyzes and responds to threats within an organization’s data for faster security investigations. LogPoint is dedicated to helping overloaded security analysts work more efficiently with accelerated detection and response. LogPoint's SIEM solution with UEBA provides users with analytics…


Popular Features

  • Event and log normalization/management (5): 8.3 (83%)
  • Centralized event and log data collection (5): 8.2 (82%)
  • Custom dashboards and workspaces (5): 7.6 (76%)
  • Deployment flexibility (5): 6.5 (65%)

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee

For the latest information on pricing, visit https://www.logpoint.com/en/pricing

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services


Alternatives Pricing

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

What is Sumo Logic?

Sumo Logic is a log management offering from the San Francisco based company of the same name.


Product Demos

  • E-SPIN LogPoint SIEM (formerly ImmuneSecurity SIEM LogInspect) Product Live Demo Part 2 of 2 (YouTube)
  • Stackdriver 02 Demo Debugger logpoint (YouTube)
  • E-SPIN LogPoint SIEM (formerly ImmuneSecurity SIEM LogInspect) Product Live Demo Part 1 of 2 (YouTube)
  • Logpoint Demo - Converged SIEM (YouTube)
  • Logpoint Demo - Webinar Recording (YouTube)

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.

Score 6.3 (Avg 7.8)

Product Details

What is LogPoint?

LogPoint detects, analyzes and responds to threats within an organization’s data for faster security investigations. LogPoint is dedicated to helping overloaded security analysts work more efficiently with accelerated detection and response. LogPoint's SIEM solution with UEBA provides users with analytics and ML-driven automation capabilities designed to enable customers to securely build, manage and effectively transform their businesses. The licensing model is flat and based on nodes rather than data volume, giving businesses a predictable price that helps reduce the cost of deploying a SIEM solution on-premise, in the cloud or as an MSSP. The solution integrates with all network devices, so users get a holistic and correlated overview of events in an IT infrastructure. LogPoint SIEM translates all data into one common language so it is possible to compare events across systems. Having a common language enables users to better search, analyze and report on data. When it comes to compliance LogPoint enables automatic monitoring of relevant compliance parameters and alerts users to relevant risks as they happen.

LogPoint Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection
  • Supported: Log retention
  • Supported: Data integration/API management
  • Supported: Behavioral analytics and baselining
  • Supported: Rules-based and algorithmic detection thresholds
  • Supported: Response orchestration and automation
  • Supported: Reporting and compliance management
  • Supported: Incident indexing/searching

Additional Features

  • Supported: Data encryption, data masking and/or data obfuscation to users
  • Supported: Common Criteria EAL3+ certification

LogPoint Screenshots

  • Screenshot of LogPoint SIEM dashboard
  • Screenshot of LogPoint UEBA dashboard
  • Screenshot of LogPoint threat intelligence dashboard
  • Screenshot of All LogPoint alerts are mapped to the MITRE ATT&CK framework

LogPoint Videos

Four reasons to choose LogPoint: In conversation with Columbia College
LogPoint CTO Christian Have shares his insights about how LogPoint is helping companies detect and respond faster than ever before. Without a proper security foundation, even the best tools won’t help companies detect or respond faster.
Faster detection and response with MITRE ATT&CK: How security analysts can use the ATT&CK framework to more quickly understand how an alert relates to a larger attack so they can take the necessary steps to protect their business.

LogPoint Technical Details

  • Deployment Types: On-premise, Software as a Service (SaaS), Cloud, or Web-Based
  • Operating Systems: Linux
  • Mobile Application: No

Frequently Asked Questions

Exabeam Fusion, LogRhythm NextGen SIEM Platform, and Splunk Enterprise are common alternatives for LogPoint.

Reviewers rate Event and log normalization/management highest, with a score of 8.3.

The most common users of LogPoint are from Mid-sized Companies (51-1,000 employees).

Reviews and Ratings

(9)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources.

LogPoint is a versatile software used by users to simplify log management and analysis in their Security Operations Center, or SOC. With LogPoint, users can easily collect logs from various sources and centralize them, providing a comprehensive view of their IT environment. This allows them to monitor and respond to incidents effectively. Users particularly value LogPoint's incident response capabilities, which enable them to address security threats promptly.

In addition to incident response, LogPoint helps users ensure compliance with regulations. Many users rely on the software to collect and analyze logs, helping them meet GDPR and other compliance requirements. LogPoint's log normalization and audit capabilities assist in proactive threat hunting and ensure compliance. Furthermore, the platform offers informative widgets and reporting features that provide valuable insights into user behavior, hardware status, and overall security.

One of LogPoint's standout features is its ability to integrate with other industry leaders through its App Store feature. This allows users to easily enroll and enrich log data from other systems, enhancing the platform's capabilities even further. LogPoint also provides excellent customer support with a helpful onboarding team and global support network.

Overall, LogPoint solves the problems of log management, incident response, compliance monitoring, and threat detection for organizations of all sizes. Its user-friendly interface, robust features, and dedicated focus on security make it a reliable choice for cybersecurity professionals seeking a comprehensive solution.

User-friendly Interface: Users find LogPoint easy to use and appreciate its user-friendly interface, which makes tasks simple to navigate and perform effectively. Several reviewers have specifically mentioned this as a positive aspect of the platform.

Exceptional Sales Support: The salesperson provided exceptional support, impressing users with their knowledge, professionalism, and wealth of information, references, and contacts to address customer concerns. Many users have praised the sales support they received when interacting with LogPoint.

Search Templates for Account Lockouts: Users highly regard LogPoint's capabilities and its usefulness in investigating account lockouts through the Search Templates feature, which allows for defining searches across multiple log sources on a single page. This feature has been highlighted by a significant number of reviewers as being particularly valuable.

Confusing Interface: Some users have found the interface of the SIEM tool to be confusing and took some time to understand. The user interface could be simplified for non-technical users.

Lack of Manual Setup: A drawback mentioned by a user is the lack of manual setup for configuring log sources, making fine-tuning features for exact configuration requirements tricky. Some users wished for more available manuals for guidance.

Challenging Initial Setup: The initial setup and implementation of LogPoint required more local resources than initially communicated to the user. Sizing the required architecture for large installations was also seen as challenging by some reviewers.

Reviews

August 05, 2021

LogPoint review

Fabien Landais | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
LogPoint is used internally to consolidate logs into a single place. Based on that, we are now able to have a cross solution analyse, detect threats and help our operational team to provide the fastest solution. We use LogPoint in the whole organization.
  • Analyse in real time lots of different logs and alert security team based on predefined alert templates.
  • Simple and fast deployment.
  • Predefined templates available for dashboarding, alerting, reporting and logs normalization.
  • Providing a full Cloud solution
  • Having more documentation for complex deployment
LogPoint could be implemented in different use cases and company sizes based on their deployment options from all-in-one to multiple roles and servers.
LogPoint is less appropriate for "cloud first" companies because it could be complex to deploy to the Cloud.
Security Information and Event Management (SIEM) (14): 4.4 (43.57142857142857%)
  • Centralized event and log data collection: 10.0 (100%)
  • Correlation: 9.0 (90%)
  • Event and log normalization/management: 10.0 (100%)
  • Deployment flexibility: 8.0 (80%)
  • Integration with Identity and Access Management Tools: 7.0 (70%)
  • Custom dashboards and workspaces: 9.0 (90%)
  • Host and network-based intrusion detection: 8.0 (80%)
  • Log retention: N/A
  • Data integration/API management: N/A
  • Behavioral analytics and baselining: N/A
  • Rules-based and algorithmic detection thresholds: N/A
  • Response orchestration and automation: N/A
  • Reporting and compliance management: N/A
  • Incident indexing/searching: N/A
  • Keep the same team to manage more IT resources
  • Having a better logs visibility
LogPoint is easier to implement and less expensive.
Easy web based interface to configure and manage
Easy to contact and they are pretty quick to answer or give advice.
We didn't use any professional services
3
Support / IT Engineering
3
system and network administration skills.
  • System troubleshooting
  • Network troubleshooting
  • IT operation
  • Cloud logs visibility
  • Maybe with the UEBA Cloud feature
We are confident with the solution and we are using it daily
No
  • Price
  • Product Features
  • Product Usability
The usability was really important because we have a small IT team and we need easy to manage solution
No change
  • in-person training
Really nice person with huge skills on LogPoint
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We purchased LogPoint to replace a legacy log collection tool that was end-of-life, but it has become so much more than a repository for logs. We use it to collect logs from endpoints, servers, firewalls, routers, applications etc. Being able to correlate searches across different log sources is invaluable. For example, it has helped us to investigate account lockouts much more quickly, getting the user involved back up and running as swiftly as possible. This used to be a laborious process, checking multiple logs in different locations. Now it's a simple dashboard on a webpage. It's also proved very useful in investigating suspected security incidents.
  • Log storage - depending on the value of the data, you can specify different retention periods.
  • Log enrichment - LogPoint can use various sources, such as Active Directory and threat intelligence feeds, to enrich logs and make them more useful.
  • Correlation - you can write complex search queries that bring in information from multiple log sources.
  • Alerting - any search can be used to configure an automatic alert, triggering an email if an event is detected, or passes a set threshold.
  • Support - LogPoint support is always incredibly helpful.
  • Ease of use - some aspects of LogPoint are difficult to find, hidden away in parts of the product that are not intuitive. For example, you have to go into the Knowledge Base to find the alert rules you've set up.
  • User community - the user community for LogPoint does not seem to be as large or active as some of their competitors.
  • UEBA - so far the UEBA functionality has not generated any usable insights for us.
LogPoint is incredibly useful for pulling information from various log sources and combining them together to offer insights into suspicious or potentially malicious behaviour. It is not intuitive and can take some time to get used to. Once you're up and running though, it's easy to onboard new log sources. Search queries can again be tough to get used to, but LogPoint support is really helpful and can offer assistance with writing more complex searches.
Security Information and Event Management (SIEM) (7): 8.4 (84.28571428571429%)
  • Centralized event and log data collection: 10.0 (100%)
  • Correlation: 9.0 (90%)
  • Event and log normalization/management: 9.0 (90%)
  • Deployment flexibility: 6.0 (60%)
  • Integration with Identity and Access Management Tools: 9.0 (90%)
  • Custom dashboards and workspaces: 9.0 (90%)
  • Host and network-based intrusion detection: 7.0 (70%)
LogPoint has quite a steep learning curve. The UI is not intuitive, with some bits of functionality being hidden in places you might not think to look. The search syntax is also quite difficult to master. However, once you overcome these obstacles, LogPoint is actually very easy to use.
LogPoint support is outstanding. They are incredibly helpful, and on occasions have proactively identified issues with our setup, and logged cases on our behalf before we had even noticed there was a problem. If there is a search we need to write that is beyond our skills, LogPoint support can typically write it for us within a couple of days. They are always very responsive, and I am yet to have a bad support experience.
We used a third-party for professional services.
Louis MILCENT | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Reseller
We are an MSSP company with a SOC providing multiple security services, including forensic, pentest, incident response, etc. Initially we were only a reseller and LogPoint integrator. The current SIEM we use for our SOC (LogRhythm) has many problems, is very expensive and the technical support team is slow to answer. Especially on log normalization. That is why we have started a migration to use LogPoint instead of LogRhythm in the next month.

LogPoint is not identical with LogRhythm, but has solid strengths, at least:
  • license model
  • technical support team (with possibility of support IP through VPN)
  • log normalization creation for unknown logs is pretty fast
  • no extra cost for high availability architectures
The only drawbacks for now are:
  • Too simple alert management interface. When there are 10 identical alerts, it is difficult to still have a global vision of everything and it is time consuming to resolve all of them. LogPoint is clearly not usable as is for MSSP or big customers, a SOAR solution should be used in addition.
  • Clear interface, except sometimes where it is a little bit confusing
  • Lack of self monitoring, we cannot know from the web UI if an alert rule is consuming too much resources.

  • Technical support team is fast and competent
  • License management and cost
  • Log parsing
  • New logs can be provided to the support team for parser creation
  • High Availability architecture does not cost more
  • Alerts interface is too simple, hard to keep visibility if there are more than 10 alarms
  • Web UI is clear but sometimes confusing
  • LogPoint never warns on bad practices that could lead to performance issues
  • Lack of self monitoring, to display which alert rule is consuming too much resources
LogPoint can be deployed easily in high availability to absorb a lot of logs per second. But LogPoint only, without SOAR, is not well suited for MSSP or big companies that could have a lot of alarm rules every day. There is no link between old and new alarms (for same IOC for example), and the interface is not clear enough to manage them all.
Security Information and Event Management (SIEM) (7): 7.7 (77.14285714285714%)
  • Centralized event and log data collection: 10.0 (100%)
  • Correlation: 8.0 (80%)
  • Event and log normalization/management: 10.0 (100%)
  • Deployment flexibility: 10.0 (100%)
  • Integration with Identity and Access Management Tools: N/A
  • Custom dashboards and workspaces: 7.0 (70%)
  • Host and network-based intrusion detection: 9.0 (90%)
For all points I already wrote before this question ;)
Support team is very fast to answer and very kind.
N/A
(Cannot skip without answer)