We use it as a repository of most of the logs that are created within our office systems. It is mostly used for forensic purposes. If there is an investigation, we go look for the logs. We find those logs in LogPoint, and then we use them for further analysis.

The use case with the business case actually is using LogPoint as a full-blown team system. And actually to orchestrate incident responses.

It's a SIEM system and if you incorporate detection rules and can set alerts, severities, stuff like that. It's the center of a SOC, basically. That's the main use case for it. Of course, it's also sued to fulfill regulatory compliance, which is making a report every week, every day, every month, according to the auditor, what he wants. That's the basic use case.

We do SMB and schools, K through 12. 

We have a storage cloud and cloud-based Cisco voiceover IP cloud services that we offer, as well as on-premise-based for those who still prefer that.

It monitors the users as well as the endpoints and provides data for that. It basically studies the activities, tries to understand the activities, and then does a little bit baseline for that. It then monitors the user or the endpoint to see if there is any deviation. If there is any deviation, it triggers an alarm.

We use it for our network and security devices. We also use it for all the infrastructure services, such as Active Directory, domain controllers, Exchange servers, hypervisors, and antivirus servers. In general, it is more dedicated to security than to logs.

We're a health care organization and we had a specific case where LogPoint was able to help develop a special collector for an earlier version of our storage system, where we had issues with migration. Some files were missing when we migrated to the new system, and we had trouble finding out why. LogPoint was very helpful in designing some drivers which could collect the log data, so we could identify the problem. We're customers of LogPoint and I'm a security consultant.