LogPoint Overview

LogPoint is the #23 ranked solution among the top Security Information and Event Management (SIEM) tools. PeerSpot users give LogPoint an average rating of 8 out of 10. LogPoint is most commonly compared to Splunk: LogPoint vs Splunk. The top industry researching this solution is computer software: professionals from computer software companies account for 28% of all views.
What is LogPoint?

LogPoint are SIEM specialists with solutions widely deployed in the Nordics, Germany, France and the UK.

The LogPoint solution is designed to provide you with the information you need by enabling you to collect, analyze and monitor data from your entire infrastructure for Compliance Management, Information Security, Application Security Monitoring and Operational Insight.

  • LogPoint is straightforward to buy, install and manage – so will take less of your time.
  • SIEM is all LogPoint does, so the system is up-to-date latest tech, with powerful Big Data analytics.
  • The beautiful Scandinavian design is intuitive to master, nice to look at, easy to use.
  • It’s flexible. LogPoint can manage whichever security, networking and software products you choose.
  • LogPoint works with other systems, and grows as your company or requirements grow.
  • You’ll deal with someone who genuinely understands the product and what you need from it.
  • And not least, cost. Worked out on a direct, affordable basis with no surprises later on.

For more information, please visit www.logpoint.com or contact us:

Phone: +45 7060 6100
E-mail: info@logpoint.com

LogPoint Buyer's Guide

Download the LogPoint Buyer's Guide including reviews and more. Updated: January 2022

LogPoint Customers
AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
LogPoint Pricing Advice

What users are saying about LogPoint pricing:
  • "It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."
  • "LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."
  • "Our licensing fees are about $10,000 USD per month, which I think is fair."
  • "It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."
LogPoint Reviews

    Chief Infrastructure & Security Office at a financial services firm with 51-200 employees
    Real User
    Top 5 Leaderboard
    Collects logs from different systems, works extremely fast, and has a predictable cost model
    Pros and Cons
    • "It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
    • "The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."

    What is our primary use case?

    We use it as a repository of most of the logs that are created within our office systems. It is mostly used for forensic purposes. If there is an investigation, we go look for the logs. We find those logs in LogPoint, and then we use them for further analysis.

    How has it helped my organization?

    We have close to 33 different sources of logs, and we were able to onboard most of them in less than three months. Its adoption is very quick, and once you have the logs in there, the ability to search for things is very good.

    What is most valuable?

    It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.

    What needs improvement?

    The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast.

    Its reporting could be significantly improved. They have very good reports, but the ability to create ad-hoc reports can be improved significantly.

    For how long have I used the solution?

    I have been using this solution for three years.

    What do I think about the stability of the solution?

    It has been stable, and I haven't had any issues with it.

    What do I think about the scalability of the solution?

    There are no issues there. However much free space I give it, it'll work well.

    It is being used by only two people: me and another security engineer. We go and look at the logs. We are collecting most of the information from the firm through this. If we were to grow, we'll make it grow with us, but right now, we don't have any plans to expand its usage.

    How are customer service and support?

    Their support is good. If you call them for help, they'll give you help. They have a very good set of engineers to help you with onboarding or the setup process. You can consult them when you have a challenge or a question. They are very good with the setup and follow-up. What happens afterward is a whole different story because if you have to escalate internally, you can get in trouble. So, their initial support is very good, but their advanced support is a little more challenging.

    Which solution did I use previously and why did I switch?

    I used a product called Logtrust, which is now called Devo. I switched because I had to get a consultant every time I had to do something in the system. It required a level of expertise. The system wasn't built for a mere human to use. It was very advanced, but it required consultancy in order to get it working. There are a lot of things that they claim to be simple, but at the end of the day, you have to have them do the work, and I don't like that. I want to be able to do the work myself. With LogPoint, I'm able to do most of the work myself.

    How was the initial setup?

    It is very simple. There is a virtual machine that you download, and this virtual machine has everything in it. There is nothing for you to really do. You just download and install it, and once you have the machine up and running, you're good to go.

    The implementation took three months. I had a complete listing of my log sources, so I just went down the list. I started with the most important logs, such as DNS, DHCP, Active Directory, and then I went down from there. We have 33 sources being collected currently.

    What about the implementation team?

    I did it on my own. I also take care of its maintenance.

    What was our ROI?

    It is not easy to calculate ROI on such a solution. The ROI is in terms of having the ability to find what you need in your logs quickly and being confident that you're not going to lose your logs and you can really search for things. It is the assurance that you can get that information when you need it. If you don't have it, you're in trouble. If you are compromised, then you have a problem. It is hard to measure the cost of these things.

    As compared to other systems, I'm getting a good value for the money. I'm not paying a variable cost. I have a pretty predictable cost model, and if I need to grow, it is all up to me for the resources that I put, not to them. That's a really good model, and I like it.

    What's my experience with pricing, setup cost, and licensing?

    It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work.

    Which other solutions did I evaluate?

    I had Logtrust, and I looked at AlienVault, Splunk, and IBM QRadar. Splunk was too expensive, and QRadar was too complex. AlienVault was very good and very close to LogPoint. I almost went to AlienVault, but its cost turned out to be significantly higher than LogPoint, so I ended up going for LogPoint because it was a better cost proposition for me.

    What other advice do I have?

    It depends on what you're looking for. If you really want a full-blown SIEM with all the functionality and all the correlation analysis, you might be able to find products that have more sophisticated correlations, etc. If you just want to keep your logs and be able to find information quickly within your systems, LogPoint is more than capable. It is a good cost proposition, and it works extremely well and very fast.

    I would rate it an eight out of 10. It is a good cost proposition. It is a good value. It has all the functionality for what I wanted, which is my log management. I'm not using a lot of the feature sets that are very advanced. I don't need them, so I can't judge it based on those, but for my needs, it is an eight for sure.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    ITCS user
    Account Manager at a tech services company with 11-50 employees
    Reseller
    Top 5 Leaderboard
    Good billing model, representatives respond quickly, and fair to our customers
    Pros and Cons
    • "They basically charge you in a better way."
    • "The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."

    What is our primary use case?

    We do SMB and schools, K through 12. 

    We have a storage cloud and cloud-based Cisco voice over IP cloud services that we offer, as well as on-premise-based for those who still prefer that.

    What is most valuable?

    They basically charge you in a better way. Instead of starting to charge you more as you do more data, it is based on the different data modules that you had or items you were monitoring. 

    It wasn't as if the flow increases a lot then you could kill, like some other products when you start using it more. It's nice at first and then it gets more expensive. This product was a little bit better on that, on adding users.

    What needs improvement?

    It wasn't one of the products we stressed for our customers just because it was a higher-end service. Our customers were not happy with firewalling and the endpoint antivirus. It needed 24-hour management. Many of our customers don't need that because they are a small-medium business. 

    The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness.

    It's pretty expensive. It's harder to make an impact and get changes as you might need it quickly or address the price issue.

    It's a company owned by one person, and they were pretty solid on leaving the pricing the same. They are a little bit inflexible. That's how we felt with us not really specializing in that as much as other products we work with.

    They're from Denmark and a lot of their staff is there. They have a real skeleton crew here.

    We just switched over from LogPoint to IBM's QRadar as the SIM engine.

    How are customer service and technical support?

    We liked the local rep that we had, but he was spread a little bit thin between New York, Connecticut, and Boston. 

    He could get back to us relatively quickly if we had some feedback, but it's not like they had a lot of feet on the street in the U.S. It's a burgeoning market that they were trying to get into more.

    What's my experience with pricing, setup cost, and licensing?

    LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution.

    Which other solutions did I evaluate?

    We have our own cloud offering. We are always keeping an eye on what's out there to know what else we can offer to our clients. Things like AWS and Azure would not work in our favor because they're so big. 

    It keeps me aware of what's up and coming, and I share that information with our engineering staff so that they could either incorporate some of the features into what we have, or if there's any kind of partnership, and is it just a matter of something we should offer.

    What other advice do I have?

    We do a combination of MSP and VAR services. We're a hybrid between the two. We are not a pure MSP. 

    People don't seem to like having to pay a monthly fee whether or not people end up showing up or helping. We try to offer it as an "if you need it" basis, we can do it, but we don't have to charge you. 

    We can sell them a bundle of hours, and that way they only use them when they need them, which is pretty popular with many of our clients, especially small to mid-size companies. 

    We'll do a combination of, for instance, Sentinel One and Point Antivirus, which is an MSP service. It has 24-hour-a-day monitoring if they want. 

    If they don't want that, we could do more of a typical kind of a semantic or any one of a number of Point Antiviruses that they want. 

    We also have a Secure SIEM, it's our own product, www.securesiem.com. If they want to have a managed SIEM service,

    We also have, for those that have next-generation firewalls, we have a product called securengf.com. That basically shores up their next-generation firewall with our managed services. We use a help desk that lets them have 24-hour responsiveness to any issues instead of just having the firewall and having to go to look online. 

    This will be somebody monitoring the firewall to make sure there are no breaches.

    If somebody needs wireless Wi-Fi, WLAN type of services, we can help them improve their signal strength and location of their access points.

    We're using QRadar as the engine. We are working as a partner with them to have our service use QRadar to achieve the best results for our customers. I believe we use some of their services of the monitoring itself.

    I would rate LogPoint an eight out of ten, because the technology seemed to be fairer to the customers, even with all the issues that I have indicated. 

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Jeroen Kroon
    Security Manager at Scildon
    Real User
    Top 5
    Good technical support but it is complex to use and resource-heavy
    Pros and Cons
    • "Technical support is responsive and very friendly."
    • "The interface needs things like wizards that will assist with creating complex correlation rules."

    What is our primary use case?

    We use LogPoint for log collection. We have a specific use case around a system that was not able to provide this kind of correlation. However, we are going to get rid of the legacy platform within the year and will be moving away from LogPoint.

    What is most valuable?

    The most valuable feature is the log creating according to specific rules.

    What needs improvement?

    LogPoint is complex and we don't have the skills to maintain use cases or even to extend the use cases. Because of this, we are unable to take advantage of the SIEM platform. We need something that is more self-running, hosted, and automatically recognizes problems the way the AI platforms are providing.

    The interface needs things like wizards that will assist with creating complex correlation rules.

    The platform is very resource-demanding, although this is typical of SIEM solutions.

    For how long have I used the solution?

    We have been using LogPoint for three or four years.

    What do I think about the stability of the solution?

    We did have problems with stability in the past and we had one ticket that was open for a couple of months. It was due to their platform having trouble reading sources coming from different kinds of services.

    What do I think about the scalability of the solution?

    We are using LogPoint on a very small scale. I did some complex reports and it was working but it needed a lot of memory on the local server.

    We have about 150 employees and there are two or three operators.

    How are customer service and technical support?

    Technical support is responsive and very friendly. We have no issues with that.

    Which solution did I use previously and why did I switch?

    I have a lot of experience with Splunk, Radar, ArcSight, and the EMC platform. All of them consume a lot of system resources.

    We did not use another SIEM solution in-house prior to LogPoint, although we did do some management using Rapid7 technology.

    How was the initial setup?

    The initial setup was complex.

    What's my experience with pricing, setup cost, and licensing?

    Our licensing fees are about $10,000 USD per month, which I think is fair. The licensing fees include product enhancements, support, and it satisfies some mandatory regulatory aspects that we need to fulfill. We are also not taking full advantage of the capabilities, such as advanced analytics.

    If we wanted to take full advantage of the capabilities then we would need to invest between $20,000 and $50,000 in consulting fees.

    Which other solutions did I evaluate?

    LogPoint was selected before I was in this position, so I was not part of the process. My understanding is that several products were considered but LogPoint was chosen because the price of the license was attractive.

    At this point, we are thinking about moving to Darktrace.

    What other advice do I have?

    We are moving away from this solution and are looking for something automated, like Darktrace.

    My advice for anybody who is implementing this solution is to first have a very clear understanding of the use cases, what you want to use it for, and what you want to report. 

    Don't be afraid to look for a cloud-based solution, especially when it comes to SIEM products. It removes a lot of trouble related to internal servers and the complexity of accessing the SIEM from outside. If you have to implement your own MSA then I would suggest reconsidering any case of using an internal SIEM. Especially for smaller companies, this will provide much more value.

    I would rate this solution a seven out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PaulWoods
    ICT Project Manager at a government with 5,001-10,000 employees
    Real User
    Top 10
    Stable, with good reporting and technical support
    Pros and Cons
    • "The most valuable features are the ones that we use the most, which are the search and report facilities."
    • "I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."

    What is most valuable?

    The most valuable features are the ones that we use the most, which are the search and report facilities.

    What needs improvement?

    There is room for improvement on both our side and on the side of LogPoint.

    We could improve on what we decided to put into LogPoint for it to work on, and LogPoint is improving with its addition of the MITRE ATT&CK framework.

    I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products.

    If there were one price that you paid and that included all of the features, instead of having to pay a bit more to get advanced features, it would make things simpler when you purchase.

    For how long have I used the solution?

    I have been using LogPoint for approximately six years.

    We're currently migrating from version 6.6 to 6.9.

    What do I think about the stability of the solution?

    It's a stable solution.

    What do I think about the scalability of the solution?

    It's a scalable solution. We can add more LogPoint boxes, repositories, and sources.

    We have 20 or 30 people who are using the information from it, in our organization.

    How are customer service and technical support?

    Technical support is very good.

    Which solution did I use previously and why did I switch?

    We used to use LogRhythm.

    We made a significant investment in LogRhythm, and it didn't cope with the size of our estate, so we decided to go elsewhere.

    How was the initial setup?

    The initial setup was quite straightforward.

    It took us a couple of weeks to set up all of the log sources and to configure them.

    To maintain this solution it's one person and half their time to work on it.

    What about the implementation team?

    The implementation was very good from our point of view, but we had one of the top people come out and install it with us.

    I think we were the first local authority and the council in the country to touch the LogPoint.

    They came out and made sure that it was installed properly and that it worked properly with us, which I'm not sure everybody would get.

    What's my experience with pricing, setup cost, and licensing?

    It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value. It's still good, but I think it's becoming more expensive.

    Which other solutions did I evaluate?

    We are looking to see what else may be available. There might be something better that we are not aware of yet.

    What other advice do I have?

    I would say that it's a good product. It's very stable, and the support is very good. We use it a lot. 

    As I say, I'm looking to see whether or not it's still the product that we should be using or whether there's something out there now.

    I would rate LogPoint an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    A Secca
    Cyber Security Analyst at a transportation company with 51-200 employees
    Real User
    Top 20
    A solid, dependable, and well-recognized SIEM tool with excellent support
    Pros and Cons
    • "It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
    • "In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."

    What is our primary use case?

    It monitors the users as well as the endpoints and provides data for that. It basically studies the activities, tries to understand the activities, and then does a little bit baseline for that. It then monitors the user or the endpoint to see if there is any deviation. If there is any deviation, it triggers an alarm.

    What is most valuable?

    It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline.

    What needs improvement?

    In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved. 

    For how long have I used the solution?

    We installed it on our system about six months ago. We also integrated UEBA with it.

    What do I think about the stability of the solution?

    It is very stable. It is recognized by Gartner in the Quad evaluation of SIEM tools. They are a strong player, and their product is very solid and stable.

    What do I think about the scalability of the solution?

    It is being used by 150 people in three different locations in two states.

    How are customer service and technical support?

    They have excellent tech support. That's the whole thing. Even though their documentation is lacking, their tech support is excellent.

    Which solution did I use previously and why did I switch?

    We didn't use any. We didn't have any in place.

    How was the initial setup?

    Setting up a SIEM tool is never easy. It is very complex because of the components that are involved. You have to onboard all the devices that will be communicating with the tool. It is tedious. You need to get it right. That's the whole strategy.

    For its maintenance, we have a two-man IT department, which includes me and somebody else.

    What other advice do I have?

    It is highly recommended. It is a solid SIEM tool. It is very dependable and well-recognized. In terms of functionality, the queries work in the same way as Splunk. The only drawback is they are predominantly a European provider. Their headquarters is in Denmark and not in the US. Most of their market is in the European Union, but nonetheless, their customer service is excellent. You can get answers to any issue or question that you have related to the implementation right away.

    The learning curve is kind of on the medium side, and you need somebody on a full-time basis for UEBA.

    I would rate LogPoint a nine out of 10. It only needs better documentation.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Lars Hillerup
    Security Consultant at a government with 10,001+ employees
    Consultant
    Top 10
    Enables ability to design drivers for log data collection which has improved efficiency
    Pros and Cons
    • "Log collection, dashboards and reporting are good."
    • "Dashboards could be developed further."

    What is our primary use case?

    We're a health care organization and we had a specific case where LogPoint was able to help develop a special collector for an earlier version of our storage system, where we had issues with migration. Some files were missing when we migrated to the new system, and we had trouble finding out why. LogPoint was very helpful in designing some drivers which could collect the log data, so we could identify the problem. We're customers of LogPoint and I'm a security consultant.

    What is most valuable?

    The most valuable features for us have been the log collection, dashboards, and reporting.

    What needs improvement?

    My issues with the product are mainly with regard to how it handles collecting logs. I'm currently thinking about implementing a new lever feature.

    Additional features I'd like to see would be standard help features in developing dashboards and reports, and some of the alerts you can set up.

    For how long have I used the solution?

    I've been using this solution for 10 years. 

    What do I think about the stability of the solution?

    This is a stable solution. 

    What do I think about the scalability of the solution?

    This is a scalable solution and we're currently expanding. We have 10 users but hoping to expand to 100. 

    How are customer service and technical support?

    The technical support is comprehensive, but you have the same issues as every company that uses India as a support center. 

    How was the initial setup?

    I believe the initial setup was straightforward but there have been some issues with some of the vendors we are using such as Dell EMC Isilon storage systems. They have a very cool setup for sending logs to a log management system.

    What other advice do I have?

    I would advise people to be aware of their needs, and test some specific use cases, so that you get the benefits from the start, because you don't gain anything out of a SIEM system, if you don't have the right amount of data, from the right sources.

    I would rate this product an eight out of 10. I'm Danish so nobody gets a 10! There's always room for improvement. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.