Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats.
The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats.
I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts.
I have been Logsign Next-Gen SIEM for the past one year.
It is scalable.
The support team for Logsign Next-Gen SIEM is excellent. Compared to other SIEM solutions like IBM QRadar and LogRhythm, Logsign's support team responds within one to two hours, for deployment issues and integration challenges.
The initial installation and setup of Logsign Next-Gen SIEM was straightforward and easy, especially compared to products like Splunk and LogRhythm. Within fifteen days of working with LogSign, I was fully prepared and understood everything. In contrast, LogRhythm's setup can be confusing due to its various components.
I prefer Logsign for our company's deployment in Saudi Arabia because the pricing is reasonable, and integration is straightforward. But if the pricing isn't favorable, we consider switching to another product. As an MSSP or system integrator, it's crucial to offer customer quality features at competitive prices to ensure satisfaction and value.
I would rate LogSign as an 8 out of 10. The support team is responsive, the platform is user-friendly with easy installation and integration, and the documentation is helpful. There iss room for improvement in third-party integrations and pricing strategies.
I use the solution in my company for packets mainly and log analytics.
I don't really see any valuable features in the product. I feel that it is time to move away from NetWitness Platform. All SIEM tools have to deal with advanced use cases, and many of them are getting upgrades, but this is not the case with NetWitness Platform. NetWitness Platform has remained the same for almost four to five years. The support and RMAs offered by the product in our region have also become very bad.
From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building a parser should be made easier in the tool.
The tool needs to have easier integrations. The tool needs to have the extra log-related suggestions. The platform and UI should be easier to use.
I have been using NetWitness Platform for eight years. My company is a customer of the tool.
I rate the technical support a six out of ten.
Neutral
The product's initial setup phase was not at all difficult. The tool's upgrades and moving from old hardware to new hardware are difficult and time-consuming. If you have any hardware failures, as per the RMA offered by the tool, it takes a very long time to get some after-service. The product has not been working well in my region recently.
The product price was reasonable for my region and the market.
My company has a hybrid environment. I have looked at other products like Splunk and Sentinel. I am still looking around for other solutions in the market. In my company, we are having discussions to move to some other solution.
My company has had many benefits from the use of the product in the last eight years.
The tool has streamlined our company's incident response process since it serves as a log repository, which allows us to correlate events and access different technology stacks. In our company, we were able to actually find some potential attacks, so it has been very helpful.
The tool's integration capability isn't so great. In my company, we managed to integrate it with our Microsoft Azure Subscription, after which we managed to integrate it with other tools. You will face a lot of difficulties if you want to integrate it with your database monitoring tool, PAM solutions, or IAM products.
The product has done well overall for my company's teams to deal with their workflow efficiency.
I would not recommend the product to others.
I rate the tool a seven out of ten.