TrustRadius

Overview

What is LogPoint?

LogPoint detects, analyzes and responds to threats within an organization’s data for faster security investigations. LogPoint is dedicated to helping overloaded security analysts work more efficiently with accelerated detection and response. LogPoint's SIEM solution with UEBA provides users with analytics…

Pricing

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.logpoint.com/en/pricing

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a bird's-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

What is Sumo Logic?

Sumo Logic is a log management offering from the San Francisco based company of the same name.

Product Demos

  • E-SPIN LogPoint SIEM (formerly ImmuneSecurity SIEM LogInspect) Product Live Demo Part 2 of 2
  • Stackdriver 02 Demo Debugger logpoint
  • E-SPIN LogPoint SIEM (formerly ImmuneSecurity SIEM LogInspect) Product Live Demo Part 1 of 2
  • Logpoint Demo - Converged SIEM
  • Logpoint Demo - Webinar Recording

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that gives security analysts a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.

6.3
Avg 7.8

Product Details

What is LogPoint?

LogPoint detects, analyzes and responds to threats within an organization’s data for faster security investigations. LogPoint is dedicated to helping overloaded security analysts work more efficiently with accelerated detection and response. LogPoint's SIEM solution with UEBA provides users with analytics and ML-driven automation capabilities designed to enable customers to securely build, manage and effectively transform their businesses. The licensing model is flat and based on nodes rather than data volume, giving businesses a predictable price that helps reduce the cost of deploying a SIEM solution on-premise, in the cloud or as an MSSP. The solution integrates with all network devices, so users get a holistic and correlated overview of events in an IT infrastructure. LogPoint SIEM translates all data into one common language so it is possible to compare events across systems. Having a common language enables users to better search, analyze and report on data. When it comes to compliance LogPoint enables automatic monitoring of relevant compliance parameters and alerts users to relevant risks as they happen.

LogPoint Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection
  • Supported: Log retention
  • Supported: Data integration/API management
  • Supported: Behavioral analytics and baselining
  • Supported: Rules-based and algorithmic detection thresholds
  • Supported: Response orchestration and automation
  • Supported: Reporting and compliance management
  • Supported: Incident indexing/searching

Additional Features

  • Supported: Data encryption, data masking and/or data obfuscation to users
  • Supported: Common Criteria EAL3+ certification

LogPoint Screenshots

  • Screenshot of LogPoint SIEM dashboard
  • Screenshot of LogPoint UEBA dashboard
  • Screenshot of LogPoint threat intelligence dashboard
  • Screenshot of All LogPoint alerts are mapped to the MITRE ATT&CK framework

LogPoint Videos

Four reasons to choose LogPoint: In conversation with Columbia College
LogPoint CTO Christian Have shares his insights about how LogPoint is helping companies detect and respond faster than ever before. Without a proper security foundation, even the best tools won’t help companies detect or respond faster.
Faster detection and response with MITRE ATT&CK: How security analysts can use the ATT&CK framework to more quickly understand how an alert relates to a larger attack so they can take the necessary steps to protect their business.

LogPoint Technical Details

  • Deployment Types: On-premise, Software as a Service (SaaS), Cloud, or Web-Based
  • Operating Systems: Linux
  • Mobile Application: No

Frequently Asked Questions

Exabeam Fusion, LogRhythm NextGen SIEM Platform, and Splunk Enterprise are common alternatives for LogPoint.

Reviewers rate Event and log normalization/management highest, with a score of 8.3.

The most common users of LogPoint are from Mid-sized Companies (51-1,000 employees).

Reviews From Top Reviewers

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources.

LogPoint is versatile software that users rely on to simplify log management and analysis in their Security Operations Center (SOC). With LogPoint, users can easily collect logs from various sources and centralize them, providing a comprehensive view of their IT environment. This allows them to monitor and respond to incidents effectively. Users particularly value LogPoint's incident response capabilities, which enable them to address security threats promptly.

In addition to incident response, LogPoint helps users ensure compliance with regulations. Many users rely on the software to collect and analyze logs, helping them meet GDPR and other compliance requirements. LogPoint's log normalization and audit capabilities assist in proactive threat hunting and ensure compliance. Furthermore, the platform offers informative widgets and reporting features that provide valuable insights into user behavior, hardware status, and overall security.

One of LogPoint's standout features is its ability to integrate with other industry leaders through its App Store feature. This allows users to easily enroll and enrich log data from other systems, enhancing the platform's capabilities even further. LogPoint also provides excellent customer support with a helpful onboarding team and global support network.

Overall, LogPoint solves the problems of log management, incident response, compliance monitoring, and threat detection for organizations of all sizes. Its user-friendly interface, robust features, and dedicated focus on security make it a reliable choice for cybersecurity professionals seeking a comprehensive solution.

User-friendly Interface: Users find LogPoint easy to use and appreciate its user-friendly interface, which makes tasks simple to navigate and perform effectively. Several reviewers have specifically mentioned this as a positive aspect of the platform.

Exceptional Sales Support: The salesperson provided exceptional support, impressing users with their knowledge, professionalism, and wealth of information, references, and contacts to address customer concerns. Many users have praised the sales support they received when interacting with LogPoint.

Search Templates for Account Lockouts: Users highly regard LogPoint's capabilities and its usefulness in investigating account lockouts through the Search Templates feature, which allows for defining searches across multiple log sources on a single page. This feature has been highlighted by a significant number of reviewers as being particularly valuable.

Confusing Interface: Some users have found the interface of the SIEM tool confusing and said it took some time to understand. The user interface could be simplified for non-technical users.

Lack of Manual Setup: A drawback mentioned by a user is the lack of manual setup for configuring log sources, making fine-tuning features for exact configuration requirements tricky. Some users wished for more available manuals for guidance.

Challenging Initial Setup: The initial setup and implementation of LogPoint required more local resources than initially communicated to the user. Sizing the required architecture for large installations was also seen as challenging by some reviewers.

LogPoint: a solid SIEM solution!

Rating: 9 out of 10
July 20, 2021
We are an MSSP company with a SOC providing multiple security services, including forensic, pentest, incident response, etc. Initially we were only a reseller and LogPoint integrator. The current SIEM we use for our SOC (LogRhythm) has many problems, is very expensive and the technical support team is slow to answer, especially on log normalization. That is why we have started a migration to use LogPoint instead of LogRhythm in the next month.

LogPoint is not identical to LogRhythm, but has solid strengths, at least:
  • license model
  • technical support team (with possibility of support IP through VPN)
  • log normalization creation for unknown logs is pretty fast
  • no extra cost for high availability architectures
The only drawbacks for now are:
  • Too simple alert management interface. When there are 10 identical alerts, it is difficult to still have a global vision of everything and it is time consuming to resolve all of them. LogPoint is clearly not usable as is for MSSP or big customers, a SOAR solution should be used in addition.
  • Clear interface, except sometimes, where it is a little bit confusing
  • Lack of self monitoring, we cannot know from the web UI if an alert rule is consuming too many resources.

  • Technical support team is fast and competent
  • License management and cost
  • Log parsing
  • New logs can be provided to the support team for parser creation
  • High Availability architecture does not cost more
Cons
  • Alerts interface is too simple, hard to keep visibility if there are more than 10 alarms
  • Web UI is clear but sometimes confusing
  • LogPoint never warns on bad practices that could lead to performance issues
  • Lack of self monitoring, to display which alert rule is consuming too many resources
LogPoint can be deployed easily in high availability to absorb a lot of logs per second. But LogPoint only, without SOAR, is not well suited for MSSP or big companies that could have a lot of alarm rules every day. There is no link between old and new alarms (for same IOC for example), and the interface is not clear enough to manage them all.
Security Information and Event Management (SIEM) (7): 7.7
  • Centralized event and log data collection: 10.0
  • Correlation: 8.0
  • Event and log normalization/management: 10.0
  • Deployment flexibility: 10.0
  • Integration with Identity and Access Management Tools: N/A
  • Custom dashboards and workspaces: 7.0
  • Host and network-based intrusion detection: 9.0
For all points I already wrote before this question ;)
Support team is very fast to answer and very kind.
N/A
(Cannot skip without answer)

LogPoint review

Rating: 9 out of 10
August 05, 2021
FL
Vetted Review
Verified User
LogPoint
6 years of experience
LogPoint is used internally to consolidate logs into a single place. Based on that, we are now able to have a cross-solution analysis, detect threats and help our operational team to provide the fastest solution. We use LogPoint in the whole organization.
  • Analyse in real time lots of different logs and alert the security team based on predefined alert templates.
  • Simple and fast deployment.
  • Predefined templates available for dashboarding, alerting, reporting and log normalization.
Cons
  • Providing a full Cloud solution
  • Having more documentation for complex deployment
LogPoint could be implemented in different use cases and company sizes based on their deployment options from all-in-one to multiple roles and servers.
LogPoint is less appropriate for "cloud first" companies because it could be complex to deploy to the Cloud.
Security Information and Event Management (SIEM) (14): 4.4
  • Centralized event and log data collection: 10.0
  • Correlation: 9.0
  • Event and log normalization/management: 10.0
  • Deployment flexibility: 8.0
  • Integration with Identity and Access Management Tools: 7.0
  • Custom dashboards and workspaces: 9.0
  • Host and network-based intrusion detection: 8.0
  • Log retention: N/A
  • Data integration/API management: N/A
  • Behavioral analytics and baselining: N/A
  • Rules-based and algorithmic detection thresholds: N/A
  • Response orchestration and automation: N/A
  • Reporting and compliance management: N/A
  • Incident indexing/searching: N/A
  • Keep the same team to manage more IT resources
  • Having better log visibility
LogPoint is easier to implement and less expensive.
Easy web based interface to configure and manage
Easy to contact and they are pretty quick to answer or give advice.
We didn't use any professional services
3
Support / IT Engineering
3
system and network administration skills.
  • System troubleshooting
  • Network troubleshooting
  • IT operation
  • Cloud logs visibility
  • Maybe with the UEBA Cloud feature
We are confident with the solution and we are using it daily
No
  • Price
  • Product Features
  • Product Usability
The usability was really important because we have a small IT team and we need an easy-to-manage solution
No change
  • in-person training
Really nice person with huge skills on LogPoint

Good pricing model but software needs some improvement

Rating: 5 out of 10
August 12, 2021
AM
Vetted Review
Verified User
LogPoint
2 years of experience
We are a LogPoint partner, and I'm in charge of integrating the solution in our customers' environments. The reasons our customers choose LogPoint vary from needing a central log repository for compliance reasons to speeding up investigations, etc. The main reason I see for LogPoint being chosen instead of other SIEM solutions is its pricing model.
  • Pricing model
  • Active support
  • Ease of use
Cons
  • Stability (weird issues)
  • Transparency (hard to investigate issues)
  • Search template should be improved
LogPoint is well suited for smaller environments with small teams that don't have much time for training and need a solution that is quickly operational.

In bigger environments, however, the fact that issues often need support to intervene--which causes delay--makes this solution less appropriate.
Security Information and Event Management (SIEM) (13): 4.8
  • Centralized event and log data collection: 6.0
  • Correlation: N/A
  • Event and log normalization/management: 7.0
  • Deployment flexibility: 3.0
  • Integration with Identity and Access Management Tools: 5.0
  • Custom dashboards and workspaces: 7.0
  • Log retention: 9.0
  • Data integration/API management: 5.0
  • Behavioral analytics and baselining: N/A
  • Rules-based and algorithmic detection thresholds: 7.0
  • Response orchestration and automation: 4.0
  • Reporting and compliance management: 7.0
  • Incident indexing/searching: 3.0
Overall, LogPoint is pretty easy to get started with but faces issues with specific things (syslog on custom ports, script log collection, etc.).
Support is pretty effective, gives clear information, and usually solves the issues encountered. However, having to rely on support is one of the issues I am facing, since it slows projects down.

LogPoint requires an investment of time and effort to get going, but that investment will be rewarded

Rating: 8 out of 10
July 22, 2021
Vetted Review
Verified User
LogPoint
3 years of experience
We purchased LogPoint to replace a legacy log collection tool that was end-of-life, but it has become so much more than a repository for logs. We use it to collect logs from endpoints, servers, firewalls, routers, applications etc. Being able to correlate searches across different log sources is invaluable. For example, it has helped us to investigate account lockouts much more quickly, getting the user involved back up and running as swiftly as possible. This used to be a laborious process, checking multiple logs in different locations. Now it's a simple dashboard on a webpage. It's also proved very useful in investigating suspected security incidents.
  • Log storage - depending on the value of the data, you can specify different retention periods.
  • Log enrichment - LogPoint can use various sources, such as Active Directory and threat intelligence feeds, to enrich logs and make them more useful.
  • Correlation - you can write complex search queries that bring in information from multiple log sources.
  • Alerting - any search can be used to configure an automatic alert, triggering an email if an event is detected, or passes a set threshold.
  • Support - LogPoint support is always incredibly helpful.
Cons
  • Ease of use - some aspects of LogPoint are difficult to find, hidden away in parts of the product that are not intuitive. For example, you have to go into the Knowledge Base to find the alert rules you've set up.
  • User community - the user community for LogPoint does not seem to be as large or active as some of their competitors.
  • UEBA - so far the UEBA functionality has not generated any usable insights for us.
LogPoint is incredibly useful for pulling information from various log sources and combining them together to offer insights into suspicious or potentially malicious behaviour. It is not intuitive and can take some time to get used to. Once you're up and running though, it's easy to onboard new log sources. Search queries can again be tough to get used to, but LogPoint support is really helpful and can offer assistance with writing more complex searches.
Security Information and Event Management (SIEM) (7): 8.4
  • Centralized event and log data collection: 10.0
  • Correlation: 9.0
  • Event and log normalization/management: 9.0
  • Deployment flexibility: 6.0
  • Integration with Identity and Access Management Tools: 9.0
  • Custom dashboards and workspaces: 9.0
  • Host and network-based intrusion detection: 7.0
LogPoint has quite a steep learning curve. The UI is not intuitive, with some bits of functionality being hidden in places you might not think to look. The search syntax is also quite difficult to master. However, once you overcome these obstacles, LogPoint is actually very easy to use.
LogPoint support is outstanding. They are incredibly helpful, and on occasions have proactively identified issues with our setup, and logged cases on our behalf before we had even noticed there was a problem. If there is a search we need to write that is beyond our skills, LogPoint support can typically write it for us within a couple of days. They are always very responsive, and I am yet to have a bad support experience.
We used a third-party for professional services.

LogPoint - Does a great job.

Rating: 10 out of 10
July 20, 2021
Vetted Review
Verified User
LogPoint
5 years of experience
LogPoint is used to aggregate all our important logs in one place, giving us an easy to use, reliable solution. We also rely on it to alert us to any anomalous behavior in the user base, the arrival of phishing emails, monitoring user web access, and many other things. It is used predominantly by the IT dept at all levels, providing deep detail along with easy to use search functionality.
  • Log aggregation
  • Log search functionality
  • Excellent customer service
Cons
  • Some maintenance tasks can only be performed by support
If you need a good-looking, easy to use SIEM product then look no further.
Security Information and Event Management (SIEM) (7): 7.0
  • Centralized event and log data collection: 10.0
  • Correlation: 9.0
  • Event and log normalization/management: 10.0
  • Deployment flexibility: 10.0
  • Integration with Identity and Access Management Tools: N/A
  • Custom dashboards and workspaces: 10.0
  • Host and network-based intrusion detection: N/A
  • Highlighted numerous issues in the estate which had gone unnoticed for many years
  • Provided insight into user behavior
  • Allows us to monitor for issues pro-actively