LogPoint requires an investment of time and effort to get going, but that investment will be rewarded
July 22, 2021

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with LogPoint

We purchased LogPoint to replace a legacy log collection tool that was end-of-life, but it has become so much more than a repository for logs. We use it to collect logs from endpoints, servers, firewalls, routers, applications, etc. Being able to correlate searches across different log sources is invaluable. For example, it has helped us to investigate account lockouts much more quickly, getting the user involved back up and running as swiftly as possible. This used to be a laborious process, checking multiple logs in different locations. Now it's a simple dashboard on a webpage. It's also proved very useful in investigating suspected security incidents.
  • Log storage - depending on the value of the data, you can specify different retention periods.
  • Log enrichment - LogPoint can use various sources, such as Active Directory and threat intelligence feeds, to enrich logs and make them more useful.
  • Correlation - you can write complex search queries that bring in information from multiple log sources.
  • Alerting - any search can be used to configure an automatic alert, triggering an email if an event is detected, or passes a set threshold.
  • Support - LogPoint support is always incredibly helpful.
  • Ease of use - some aspects of LogPoint are difficult to find, hidden away in parts of the product that are not intuitive. For example, you have to go into the Knowledge Base to find the alert rules you've set up.
  • User community - the user community for LogPoint does not seem to be as large or active as some of their competitors.
  • UEBA - so far the UEBA functionality has not generated any usable insights for us.
LogPoint has quite a steep learning curve. The UI is not intuitive, with some bits of functionality being hidden in places you might not think to look. The search syntax is also quite difficult to master. However, once you overcome these obstacles, LogPoint is actually very easy to use.

Do you think LogPoint delivers good value for the price?

Yes

Are you happy with LogPoint's feature set?

Yes

Did LogPoint live up to sales and marketing promises?

Yes

Did implementation of LogPoint go as expected?

No

Would you buy LogPoint again?

Yes

LogPoint support is outstanding. They are incredibly helpful, and on occasions have proactively identified issues with our setup, and logged cases on our behalf before we had even noticed there was a problem. If there is a search we need to write that is beyond our skills, LogPoint support can typically write it for us within a couple of days. They are always very responsive, and I am yet to have a bad support experience.
We used a third-party for professional services.
LogPoint is incredibly useful for pulling information from various log sources and combining them together to offer insights into suspicious or potentially malicious behaviour. It is not intuitive and can take some time to get used to. Once you're up and running though, it's easy to onboard new log sources. Search queries can again be tough to get used to, but LogPoint support is really helpful and can offer assistance with writing more complex searches.

LogPoint Feature Ratings

Centralized event and log data collection: 10
Correlation: 9
Event and log normalization/management: 9
Deployment flexibility: 6
Integration with Identity and Access Management Tools: 9
Custom dashboards and workspaces: 9
Host and network-based intrusion detection: 7