We compared Splunk Enterprise Security and LogPoint across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Features: Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality. Users say Splunk is a highly scalable and customizable solution. LogPoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms.
Room for Improvement: Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics. LogPoint can improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment.
Service and Support: While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise. LogPoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support.
Ease of Deployment: Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators. The complexity of LogPoint's initial setup can range from complex and time-consuming to fast and easy, depending on the user's experience and the organization’s size.
Pricing: Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data. LogPoint's fixed pricing model is seen as cost-effective and competitive.
ROI: Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations. Logpoint makes costs more predictable and enables companies to generate revenue through security operation services.
Comparison Results: Splunk is highly regarded for its efficient data processing and powerful search capabilities. Users like Splunk's customization options and ability to process data from multiple sources quickly, but reviewers say it could be more intuitive and offer advanced AI capabilities. Logpoint excels at log collection and analysis but would benefit from improvements in its user interface and resource usage.
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"The solution is user-friendly."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"They basically charge you in a better way."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The main advantage of Logpoint is the support service. They reply within ten minutes to an hour to our queries."
"Log collection, dashboards and reporting are good."
"We are much faster finding and addressing issues with Splunk."
"Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful."
"The feature that we use the most is the correlation search engine within ES."
"It helps us uncover bottlenecks in the network."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"It definitely does help with both auditing and regular monitoring. SOC does more monitoring, but ES also gives you other features that are auditing-related. The dashboards are also beneficial."
"I am satisfied with the support."
"The ability to manage large amounts of generated data and to protect all devices from unauthorized use are the most valuable features."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"I would like to see more AI used in processes."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The product can be improved by reducing the cost to use AI machine learning."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"Logpoint is not flexible. Its documentation is not user-friendly."
"Log management could be better because transporting the log from a password to the client system takes time."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"It is a good product, but its interface or GUI could be better."
"It is complicated to collect daily logs from other systems."
"Sometimes, the product is not stable."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues."
"Splunk ES could have more pre-built integrations and rules. The detection is fairly accurate, but it depends on the rules you create. Splunk's out-of-the-box configuration isn't that useful."
"We'd like to have the number of devices covered under the license to be increased."
"The prices are complicated as we operate in a small third-world country."
"The documentation is in definite need of improvement."
"I would like additional features in different programming models with the support for writing queries in SQL or other languages, such as C#, Java, or some other type of query definitions."
"Splunk could enhance its services by providing more comprehensive professional assistance aimed at optimizing our investment."
"The monitoring aspect of Splunk could be improved. We have to do some queries to get as much information as CrowdStrike or other solutions provide. If you run a big query, you will see a delay. That is the only concern we have because it will take some time if you query large data sets."
"While Splunk Enterprise Security offers valuable features, its cost is high and could be more competitive."
Logpoint is ranked 28th in Log Management with 20 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Logpoint is rated 7.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, Wazuh and SolarWinds Security Event Manager, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor. See our Logpoint vs. Splunk Enterprise Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.