LogLogic Overview

Buyer's Guide

Download the Log Management Buyer's Guide including reviews and more. Updated: June 2022

What is LogLogic?
Log data isn't just for security anymore. Log and machine data is being harnessed to provide insight into IT operational efficiencies - and TIBCO LogLogic uses log and machine data as the fuel for improving Operational Intelligence.
LogLogic Customers
Astrium, Cerner, Children's Hospital, Effiage, Lavego, Plantronics, Skipton Building Society, The Body Shop, The Lowry, University of Manitoba

Archived LogLogic Reviews (more than two years old)

it_user126030 - PeerSpot reviewer
Senior ICT Solutions Expert at a comms service provider with 1,001-5,000 employees
Vendor
I've evaluated Splunk and IBM Q1 but LogLogic is the best choice for log management. SIEM functionality needs improvement.

What is most valuable?

You can collect almost any type of log from almost any platform or source. Documentation is extensive with excellent cookbooks. Implementation is very simple and fast. GUI is very intuitive. Platform is stable (max uptime is almost 2Y).

How has it helped my organization?

Response to problems was significantly faster. We quickly discovered the cause of the problem and also we have wasted less time on periodic reporting for auditors.

What needs improvement?

Definitely SIEM – other vendors have gone a lot further in developing SIEM functionality and made a lot more in this area.

For how long have I used the solution?

MX3020, SEM 1060 and EVA appliance

What was my experience with deployment of the solution?

No. Deployment was fast & simple. In one word - straightforward.

What do I think about the stability of the solution?

I believe that the uptime of almost two years is a sufficient indication of how stable this platform is (it would be even longer if we had not rebooted the device due to the installation of new versions of the OS).

What do I think about the scalability of the solution?

Scalability is more than sufficient – HA clustering, replication, management platform, wide range of device models.

How are customer service and support?

Customer Service:

Personally I have not had much to do with them but I was pleased with them.

Technical Support:

Technical support for LogLogic in Europe is great. These people have extensive and diverse knowledge, and they are quick to answer with precise technical explanations.

Which solution did I use previously and why did I switch?

No, but I have tested other solutions from other vendors and there is always something missing (Symantec, Splunk).

How was the initial setup?

It was surprisingly straightforward. After setting up network and initial parameters, the only thing that remains is to redirect logs from source to appliance. All supported log types are automatically recognized and that was great! Altogether that’s about two hours of work.

What about the implementation team?

Implementation was done in-house. In some more complex situations (integration with OS400) I contacted LogLogic support.

What's my experience with pricing, setup cost, and licensing?

Original setup cost is a few days. Day to day cost of using this product is approximately less than one day per month to check reports, apply changes and prepare reports for the auditors. Also some of those reports are automated so the relevant employers receive reports on their emails.

Which other solutions did I evaluate?

Yes, I have also evaluated Splunk, Symantec, and Q1.

What other advice do I have?

If you are searching for a log management solution, LogLogic is probably the best choice. The SIEM functionality is not at that level, and I suggest instead to choose another SIEM solution (e.g. IBM Q1). In my experience, a good practice is to separate log management from SIEM in a way that they are two separate systems.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user121731 - PeerSpot reviewer
Senior Security Analyst with 1,001-5,000 employees
Real User
Situational awareness is a must, but the biggest issue is that it seems to deliberately use the lousiest compression.

What is most valuable?

It collects logs, most of the time.

How has it helped my organization?

Having logs in a central location helps with troubleshooting, forensic investigations, and legal investigations. Situational awareness is a must for a healthy IT environment.

What needs improvement?

The biggest issue, cost-wise, is that it seems to deliberately use the lousiest compression it can use and still say it's compressing data. It wouldn't be hard for them to pack 2-3x as much data into an appliance, but then that would mean they couldn't sell as many appliances. But there are lots of areas for improvement, which you'll see in the answers to other questions.

For how long have I used the solution?

About a year.

What was my experience with deployment of the solution?

Yes, their log collectors work well in homogenous environments, but in the real world where people have a mix of server operating systems, you'll have issues. If you have a mix of Windows 2003, 2008, and 2012 servers, you'll have to use the same OS on the server doing the collecting.

What do I think about the stability of the solution?

Yes. The piece that collects Windows logs tends to be very unstable once you get it running, which isn't always easy. Be prepared to have to try several versions of the Universal Collector and Lasso Enterprise to find which one works best in your environment. The latest isn't necessarily the greatest. New versions tend to be slow to appear even when there are known issues with them.

What do I think about the scalability of the solution?

Yes. The product isn't designed to allow you to add disk space to it. NAS options are limited to NFS. One of their devices allows you to connect it to a SAN, but check compatibility first as you can run into issues. SAN space, of course, is very expensive.

How are customer service and technical support?

Customer Service:

On a scale of 1-5, 0. They say the right things but don't deliver when it counts. I've given numerous suggestions for improving the product but they've dismissed every single one.

Technical Support:

On a scale of 1-5, 0. Lower-level support is only interested in closing tickets as quickly as possible, not in fixing the issue. If you can get a senior-level engineer they're polite and patient but limited by the rest of the organization. Many of their fixes look like the kind of thing I set up at 2am to get through an issue to buy some time until we can fix it right during normal business hours. The difference is they never come back and fix it right.

Which solution did I use previously and why did I switch?

Yes, we used ArcSight. It was expensive and difficult to configure. That said, none of these products are out-of-the-box solutions, so I caution against any vendor who claims to have one.

How was the initial setup?

You'll need an experienced sysadmin with knowledge of your network and the operating systems you're collecting from, but for a person like that, the initial setup is pretty easy. I was able to get a new appliance on the network and collecting the easiest logs in about a day, which is reasonable.

What about the implementation team?

In-house, with help from the vendor. The help from the vendor wasn't very helpful.

What was our ROI?

I'm uncomfortable with the idea of ROI on something like this because centralized logging isn't a luxury, it's a necessity. A large company has to do something like this or go out of business.

What's my experience with pricing, setup cost, and licensing?

I wasn't involved in discussions about the initial cost. Ongoing, count on needing one FTE to dedicate to it. At least initially, it will need to be an experienced specialist. Prior LogLogic experience isn't necessary but good knowledge of Windows and Unix is.

Which other solutions did I evaluate?

Yes, but I wasn't involved in the evaluation. I came in after the fact.

What other advice do I have?

There is a perception throughout the industry that this is an easy product to implement. The more heterogeneous your environment is and the better you know it going in, the easier it will be.

Disclosure: I am a real user, and this review is based on my own experience and opinions.