LogPoint vs Splunk comparison

Cancel
You must select at least 2 products to compare!
Devo Logo
Read 16 Devo reviews
14,305 views|5,499 comparisons
LogPoint Logo
3,759 views|2,077 comparisons
Splunk Logo
82,897 views|67,727 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between LogPoint and Splunk based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed LogPoint vs. Splunk Report (Updated: November 2022).
657,397 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that.""Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics.""The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable.""The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored.""The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events.""The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution.""The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them.""Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."

More Devo Pros →

"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined.""What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets.""The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs.""The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform.""It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.""It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline.""They basically charge you in a better way.""The most valuable features are the ones that we use the most, which are the search and report facilities."

More LogPoint Pros →

"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data.""The log aggregation is great.""The initial setup isn't overly complex.""Splunk has machine learning which is a valuable feature.""It is the best tool if you have a complex environment or if data ingestion is too huge.""One of the most valuable features is threat hunting. We can do threat hunting and identify if there is any malicious activity happening within our environment, which is a key feature for us.""The indexing and data collection are valuable.""The reporting aspect is good and it does what I need it to do."

More Splunk Pros →

Cons
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement.""There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts.""One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate.""Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution.""Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better.""Technical support could be better.""The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets.""I would like to have the ability to create more complex dashboards."

More Devo Cons →

"LogPoint can improve its dashboards. We are not able to customize the dashboard when creating them. They only have preset dashboards which do not have exactly what we are looking for.""It is a good product, but its interface or GUI could be better.""What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated.""The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness.""In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved.""One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues.""The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast.""I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."

More LogPoint Cons →

"The UI can be improved. Dashboards and reports can be better in terms of graphics.""You do need a lot of training and certification with this product.""If you have to do your own stuff, such as customized charts, it is a little bit more work, but once you're familiar with the Splunk query language, you can pretty much do whatever you want. In terms of features, it should probably have the features that other competitors provide.""This solution could be improved by better pricing in general and by easier installation.""I would like Splunk to add more integration. QRadar has many indications with more products than Splunk.""This is not really a monitoring solution.""Splunk needs to be able to hold more days of data. At the moment it only holds three months of data.""I feel the solution to be too slow."

More Splunk Cons →

Pricing and Cost Advice
  • "I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
  • "Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
  • "[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
  • "Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
  • "Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
  • "Our licensing fees are billed annually and per terabyte."
  • "I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
  • "Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
  • More Devo Pricing and Cost Advice →

  • "It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."
  • "LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."
  • "It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."
  • "It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."
  • "My company used to pay for LogPoint costs annually. It's a cost-effective solution. I'm not part of the Finance team, though, so I'm not sure exactly what the licensing fee is or what license my company had."
  • More LogPoint Pricing and Cost Advice →

  • "The price is comparable."
  • "The pricing model is expensive and a nightmare based on the amount of data."
  • "The solution is a little expensive."
  • "It is economical than other solutions."
  • "Price-wise, if you compare QRadar to Splunk for SIEM functionality then they are in the same range but when you integrate SOAR with these solutions, Splunk takes the lead and is more competitive."
  • "Its pricing model can be improved."
  • "The pricing model is based on the number of gigabytes that you ingest into the Splunk system. So it can be an expensive solution."
  • "My customers have found the price of the solution to be high."
  • More Splunk Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    657,397 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Devo, like other vendors, doesn't charge extra for playbooks and automation. That way, you are only paying for the side… more »
    Top Answer:I need more empowerment in reporting. For example, when I'm using Qlik or Power BI in terms of reporting for the… more »
    Top Answer:They basically charge you in a better way.
    Top Answer:LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when… more »
    Top Answer:It wasn't one of the products we stressed for our customers just because it was a higher-end service. Our customers were… more »
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR)… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring… more »
    Comparisons
    Also Known As
    Splunk Enterprise Security
    Learn More
    Overview

    Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

    LogPoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs. 

    Benefits of LogPoint

    Some of the benefits of using LogPoint include:

    • Unifies data logs: LogPoint creates a single system of classification for collected data. It makes it easy for users to search for and find data, which aids users when they are creating reports or alerts. Users can conserve resources while at the same time seeing a rise in the efficiency of their business operations.
    • Intuitive solution design: LogPoint is designed so that anyone can utilize all of its features, even if they are not an expert in network security. LogPoint’s UI is simple enough that users can utilize it without undergoing extensive training. 
    • Highly flexible: LogPoint is designed so that users can scale it linearly to accommodate projects that are large and complex. This allows users to expand the scope of their projects according to their needs without worrying that their infrastructure won’t be able to handle the increase in size. The solution’s security features can be deployed both on the cloud and in a physical environment. 
    • Simple role-based access security: LogPoint allows administrators to employ Microsoft’s active directory (AD) and a Lightweight Directory Access Protocol to manage user access. These can help administrators protect their systems from being abused or otherwise harmed by bad actors. 

    Reviews from Real Users

    LogPoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. LogPoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up. 

    The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”

    A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”

    Splunk is a tool that provides log management, security information, and event management solutions that help organizations easily make their machine data accessible, usable, and valuable for everybody. Splunk utilizes operational intelligence to turn machine data into valuable information by monitoring and to analyze all activities. 

    Splunk is ideal for data monitoring and searching, since it correlates and indexes large volumes of data into a searchable container. This enables users to create alerts, reports, and visualizations in real time. Splunk provides an in-depth, real-time view of the health and performance of all layers of your tech stack so you can optimize your system’s performance by proactively detecting errors and quickly fixing them.

    These days, it is becoming more and more difficult to maintain a strong security posture. Cyber attacks are becoming more and more sophisticated, and attackers have access to more entrance points. By implementing Splunk’s threat intelligence tools, you can modernize your security operations in any setting or framework, making your corporate growth more effective and flexible. The advanced visibility that Splunk provides, allows security teams to quickly detect and remove malicious threats in their environment. 

    Some of the benefits of using Splunk include:

    • Complete visibility into your environment: With Splunk, you can break down data silos and get actionable insights from data sent from multi-cloud and on-premises deployments.
       
    • Multi-environment troubleshooting: Detect and remedy problems fast with real-time, complete visibility and insight into the performance of your entire IT environment.

    • Advanced threat detection: Protect your organization from threats with Splunk’s advanced machine learning, security analytics, and threat intelligence tools that provide a sophisticated alert system to help shorten triage times and raise true positive rates.

    • Access to updated security information: Stay on top of new and emerging threats from automatic security content updates delivered directly from the Splunk Threat Research Team.

    • Multiple deployment options: Splunk has flexible deployment options. It can be deployed on the cloud, on-premises, or hybrid - depending on your organization’s needs.

    • Automated insights: Splunk’s AI-driven insights can help you predict problems by applying multiple conditions, thresholds, and complex rules. The solution’s built-in data science capabilities automatically reduce background noise and speed up error resolution times.

    • Multiple integration options: Splunk seamlessly integrates with many devices and operating systems, including:

      • Amazon Web Services (AWS)
      • Google Cloud Platform (GCP)
      • Microsoft Azure
      • NewRelic

    Reviews from Real Users

    Splunk stands out among its competitors for a number of reasons. Two major ones are its flexible search query tools and its strong AI capabilities.

    A Solutions Consultant at a tech services company notes, “It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool. It is very convenient for business users because they get more or less a lot of data readily available. If you're familiar with the Splunk query language, you can pretty much do whatever you want.”

    Offer
    See Devo in Action

    See how Devo allows you to free yourself from data management, and make machine data and insights accessible.

    Learn more about LogPoint
    Learn more about Splunk
    Sample Customers
    United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
    AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Computer Software Company50%
    Comms Service Provider10%
    Retailer10%
    Insurance Company10%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider12%
    Government9%
    Financial Services Firm9%
    REVIEWERS
    Government33%
    Computer Software Company22%
    Financial Services Firm22%
    Transportation Company11%
    VISITORS READING REVIEWS
    Computer Software Company23%
    Comms Service Provider17%
    Government10%
    Healthcare Company5%
    REVIEWERS
    Financial Services Firm19%
    Computer Software Company11%
    Energy/Utilities Company10%
    Government7%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm14%
    Comms Service Provider11%
    Government9%
    Company Size
    REVIEWERS
    Small Business21%
    Midsize Enterprise21%
    Large Enterprise58%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business47%
    Midsize Enterprise20%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise16%
    Large Enterprise56%
    REVIEWERS
    Small Business32%
    Midsize Enterprise14%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise14%
    Large Enterprise69%
    Buyer's Guide
    LogPoint vs. Splunk
    November 2022
    Find out what your peers are saying about LogPoint vs. Splunk and other solutions. Updated: November 2022.
    657,397 professionals have used our research since 2012.

    LogPoint is ranked 12th in Security Information and Event Management (SIEM) with 9 reviews while Splunk is ranked 1st in Security Information and Event Management (SIEM) with 60 reviews. LogPoint is rated 7.4, while Splunk is rated 8.2. The top reviewer of LogPoint writes "Collects logs from different systems, works extremely fast, and has a predictable cost model". On the other hand, the top reviewer of Splunk writes "Very versatile for many use cases". LogPoint is most compared with Microsoft Sentinel, LogRhythm SIEM, IBM QRadar, Elastic Security and Fortinet FortiSIEM, whereas Splunk is most compared with Microsoft Sentinel, Elastic Security, Wazuh, Azure Monitor and AppDynamics. See our LogPoint vs. Splunk report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.