Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats.
The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats.
I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts.
I have been Logsign Next-Gen SIEM for the past one year.
It is scalable.
The support team for Logsign Next-Gen SIEM is excellent. Compared to other SIEM solutions like IBM QRadar and LogRhythm, Logsign's support team responds within one to two hours, for deployment issues and integration challenges.
The initial installation and setup of Logsign Next-Gen SIEM was straightforward and easy, especially compared to products like Splunk and LogRhythm. Within fifteen days of working with LogSign, I was fully prepared and understood everything. In contrast, LogRhythm's setup can be confusing due to its various components.
I prefer Logsign for our company's deployment in Saudi Arabia because the pricing is reasonable, and integration is straightforward. But if the pricing isn't favorable, we consider switching to another product. As an MSSP or system integrator, it's crucial to offer customer quality features at competitive prices to ensure satisfaction and value.
I would rate LogSign as an 8 out of 10. The support team is responsive, the platform is user-friendly with easy installation and integration, and the documentation is helpful. There iss room for improvement in third-party integrations and pricing strategies.
The solution is used as a security monitoring solution. We are collecting logs from different security products in the infrastructure, like firewalls and EDR. They were using mainly Windows SIEM. We create groups to monitor the security and possible attacks.
The solution secures attacks and monitors too. If there's a real attack running and we need to apply a solution first, we opt for Logsign. A couple of times, the solution has saved customers from security attacks. There's a legal law in Turkey: if you face any security attack, you must provide logs to the legal authorities. We had to provide some logs to legal authorities, and Logsign helped.
Logsign has a very user-friendly interface. It is easy to use and find the features that you need. When compared to other solutions in that budget, it is working fast. You never experienced any slowness in the alerts with needed resource. It is doing the job. The correlation part is complex. When we talked to support, it was hard to correlate events to security monitoring. Overall, It is doing the job, and you were able to monitor the security within the budget.
Logsign is a log management system based on Elasticsearch. When creating alerts and correlations, you use the Kibana query, based on the Elasticsearch queries. The query language is freaky. It's not always possible to correlate some of that. Logsign needs to fix the correlation engine. So you can monitor and correlate events on the different parts of the system. Also, users need to be able to build the alerts and regulations much easier.
I have been using Logsign Next-Gen SIEM for more than 18 months.
The product can work stable, but you must configure and monitor everything perfectly. Sometimes when you misconfigure something, you are unaware of, you experience some issues.
You can set up different instances, which is crucial for SIEM. You don't miss any logs or events.
The company is growing fast. They hire new support for SIEM. You may struggle with the support. In general, they have great knowledge of the product. They know what they need to do both product-wise and security-wise. Whenever you need help at night or on weekends, you always find someone to help you.
Positive
The initial setup is easy. Logsign support deals with it. You just provide a server to them, and they install the product. It is budget-friendly every time. The first step is to provide the server with strong SIEM resources like CPU, memory, etc. You also need to give them a VPN connection to connect and do the setup. When you open a support ticket, they connect with the VPN and apply the solution. They help you collect logs or forward logs from the different servers or products on the network or offline products. The process takes up to a month. You need to work together with the Logsign support. You need to collect the logs and forward them to Logsign from each product or each part of your system. After that, you will be able to monitor the system security.
You need support ocassionly. Whenever you update the product, you’ll experience downtime. You need to plan with the support and set up a meeting to apply the updates. There are updates constantly released. You cannot keep up with the version every time. Logsign is a good choice depending on the budget. If your budget is limited and you have some different uses for that budget for a different security solution, You can choose Logsign because it's cheaper than international products, and it does the job. You need to limit your expectations. Logsign is a viable solution. Overall, I rate the solution a seven out of ten.