Share your experience using Logsign Next-Gen SIEM

The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.

Use our online form to submit your review. It's quick and you can post anonymously.

Your review helps others learn about this solution
The PeerSpot community is built upon trust and sharing with peers.
It's good for your career
In today's digital world, your review shows you have valuable expertise.
You can influence the market
Vendors read their reviews and make improvements based on your feedback.
Examples of the 83,000+ reviews on PeerSpot:

Moeen Ahmad - PeerSpot reviewer
SIEM Administrator at Network Intelligence (I) Pvt. Ltd.
Real User
Provides sample logs within the product, allowing users to see how logs will appear before integration
Pros and Cons
  • "Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
  • "I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."

What is most valuable?

Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats.      

What needs improvement?

I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts.

For how long have I used the solution?

I have been Logsign Next-Gen SIEM for the past one year. 

What do I think about the scalability of the solution?

It is scalable.

How are customer service and support?

The support team for Logsign Next-Gen SIEM is excellent. Compared to other SIEM solutions like IBM QRadar and LogRhythm, Logsign's support team responds within one to two hours, for deployment issues and integration challenges.

How was the initial setup?

The initial installation and setup of Logsign Next-Gen SIEM was straightforward and easy, especially compared to products like Splunk and LogRhythm. Within fifteen days of working with LogSign, I was fully prepared and understood everything. In contrast, LogRhythm's setup can be confusing due to its various components.

What other advice do I have?

I prefer Logsign for our company's deployment in Saudi Arabia because the pricing is reasonable, and integration is straightforward. But if the pricing isn't favorable, we consider switching to another product. As an MSSP or system integrator, it's crucial to offer customer quality features at competitive prices to ensure satisfaction and value.

I would rate LogSign as an 8 out of 10. The support team is responsive, the platform is user-friendly with easy installation and integration, and the documentation is helpful. There iss room for improvement in third-party integrations and pricing strategies.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Network Monitoring Engineer at a computer software company with 501-1,000 employees
Real User
Easy to use and find the features that you need

What is our primary use case?

The solution is used as a security monitoring solution. We are collecting logs from different security products in the infrastructure, like firewalls and EDR. They were using mainly Windows SIEM. We create groups to monitor the security and possible attacks.

How has it helped my organization?

The solution secures attacks and monitors too. If there's a real attack running and we need to apply a solution first, we opt for Logsign. A couple of times, the solution has saved customers from security attacks. There's a legal law in Turkey: if you face any security attack, you must provide logs to the legal authorities. We had to provide some logs to legal authorities, and Logsign helped.

What is most valuable?

Logsign has a very user-friendly interface. It is easy to use and find the features that you need. When compared to other solutions in that budget, it is working fast. You never experienced any slowness in the alerts with needed resource. It is doing the job. The correlation part is complex. When we talked to support, it was hard to correlate events to security monitoring. Overall, It is doing the job, and you were able to monitor the security within the budget.

What needs improvement?

Logsign is a log management system based on Elasticsearch. When creating alerts and correlations, you use the Kibana query, based on the Elasticsearch queries. The query language is freaky. It's not always possible to correlate some of that. Logsign needs to fix the correlation engine. So you can monitor and correlate events on the different parts of the system. Also, users need to be able to build the alerts and regulations much easier.

For how long have I used the solution?

I have been using Logsign Next-Gen SIEM for more than 18 months.

What do I think about the stability of the solution?

The product can work stable, but you must configure and monitor everything perfectly. Sometimes when you misconfigure something, you are unaware of, you experience some issues.

What do I think about the scalability of the solution?

You can set up different instances, which is crucial for SIEM. You don't miss any logs or events.

How are customer service and support?

The company is growing fast. They hire new support for SIEM. You may struggle with the support. In general, they have great knowledge of the product. They know what they need to do both product-wise and security-wise. Whenever you need help at night or on weekends, you always find someone to help you.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is easy. Logsign support deals with it. You just provide a server to them, and they install the product. It is budget-friendly every time. The first step is to provide the server with strong SIEM resources like CPU, memory, etc. You also need to give them a VPN connection to connect and do the setup. When you open a support ticket, they connect with the VPN and apply the solution. They help you collect logs or forward logs from the different servers or products on the network or offline products. The process takes up to a month. You need to work together with the Logsign support. You need to collect the logs and forward them to Logsign from each product or each part of your system. After that, you will be able to monitor the system security.

What other advice do I have?

You need support ocassionly. Whenever you update the product, you’ll experience downtime. You need to plan with the support and set up a meeting to apply the updates. There are updates constantly released. You cannot keep up with the version every time. Logsign is a good choice depending on the budget. If your budget is limited and you have some different uses for that budget for a different security solution, You can choose Logsign because it's cheaper than international products, and it does the job. You need to limit your expectations. Logsign is a viable solution. Overall, I rate the solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate