Logsign Next-Gen SIEM offers advanced cybersecurity capabilities with its rich use case flexibility, providing invaluable support in threat detection and response strategies.



| Product | Mindshare (%) |
|---|---|
| Logsign Next-Gen SIEM | 1.1% |
| Splunk Enterprise Security | 7.3% |
| IBM Security QRadar | 5.3% |
| Other | 86.3% |
Logsign Next-Gen SIEM delivers robust data analytics and security automation for efficient threat detection and incident management. It is designed to seamlessly integrate with existing infrastructure, ensuring comprehensive security intelligence. This next-generation security information and event management enhances operational efficiency by rapidly analyzing large volumes of data and automating incident responses, making it an essential tool for IT security teams.
What are the standout features of Logsign Next-Gen SIEM?

Implemented widely across industries such as finance and healthcare, Logsign Next-Gen SIEM provides specialized solutions catering to high-volume transactional environments and sensitive data management. Its deployment in critical sectors ensures compliance with industry standards and regulatory requirements, making it a trusted choice for organizations aiming for heightened security measures.
Turkish Petroleum, Tırsan, DP World, SAC American Colleges, Robert College, Unlu&Co, UniCo Insurance Company, ETSTur, CK Energy, UEDAS Energy, Wilo, Eurocross Assistance, Deloitte Turkey, Incı GS Yuasa, Pappara, Bilgi University, Anadolu University, İstanbul University, The Ministry of Energy and Natural Resources, TRT, Anadolu Media Agency, Ministry of Family, Labour and Social Services, Ispark, Spor AS and a wide range of enterprises in different industries.
| Author info | Rating | Review Summary |
|---|---|---|
| Associate Engineer at Connex Information Technologies | 4.0 | Logsign is user-friendly with integrated UEBA and SIEM features. It lacks AI and machine learning capabilities but plans to launch them soon. Compared to LogRhythm, Logsign's unified interface simplifies configuration, integration, and monitoring processes. |
| Cyber Security Specialist at lums | 4.0 | I use Logsign Next-Gen SIEM for forensic analysis and monitoring critical servers. Its cloud capabilities, alerting functionality, and Elastic Search integration are valuable. However, it needs better filtering for alerts and more mature threat data for enhanced detection. |
| SIEM Administrator at Network Intelligence (I) Pvt. Ltd. | 4.0 | Logsign Next-Gen SIEM offers valuable sample logs for testing and understanding log formats. However, I hope they improve their pricing model to avoid regional discrepancies and enhance the GUI interface with features similar to IBM Pure's xFi Exchange for better efficiency. |
| Network Monitoring Engineer at a computer software company with 501-1,000 employees | 3.5 | I use Logsign as a security monitoring solution to collect logs from various security products. The user interface is intuitive, yet the correlation engine and query language need improvement, making it difficult to monitor and correlate events effectively. |

The alerting and real-time analytics helped the security team. They are using a Hadoop database, so real-time monitoring and analytics are very easy and fast. Queries return results quickly and in very little time. It has full automation and automated SIEM responses.
We are currently only testing Logsign, but in a few months, we plan to integrate our servers, routers, firewalls, and endpoints into our company's Logsign instance. Then, we can manage everything using Logsign.
Logsign is very easy to use. It has UEBA and SIEM features.
It does not have many AI and machine learning features yet. They are developing them and will be releasing them in a few months.
I have been using it for three to four months.
It can be both horizontal and vertical.
The customer service and support are good.
Positive
The integration and deployment are very easy. They give you an ISO file for Linux.
It does not take more than one hour. Installation is also very easy.
Compared to other SIEMs, it has low pricing.
Currently, I am studying LogRhythm. Compared to LogRhythm, Logsign is very easy to use. LogRhythm has separate controls for the client control language, managing, analyzing, and configuration, which are difficult.
In Logsign, the configuration, integration, server, and monitoring parts are all very easy, and we can do everything using a single interface.
Overall, I would rate it an eight out of ten. AI and machine learning need to be developed. If they develop those features, I think everything will be fine.
I can recommend it. Not for large enterprises, but for mid-level enterprises.

We use Logsign SIEM for various tasks in our daily operations. One key use case is for forensic analysis. We also use it to monitor critical servers and generate security alerts for actions like logins, logoffs, or reboots. Additionally, we can search for specific information using the interface or IP addresses with Logsign SIEM.
The most valuable features of Logsign SIEM are its cloud capabilities, alerting functionality, integration with Elastic Search, and configuration options.
Improvements needed in Logsign SIEM are providing specific security alerts that can be filtered and configured more effectively. There should be a focus on delivering alerts tailored to specific needs rather than overwhelming users with numerous alerts. Additionally, incorporating more mature data about threats is necessary for better threat detection.
I have been working with Logsign Next-Gen SIEM for three years.
The solution is mostly stable, but we had a few issues in the past. I would rate the stability as an eight out of ten.
Logsign SIEM is highly scalable. I would rate the scalability as a nine out of ten.
Technical support is satisfactory and cooperative. I would rate them as a nine out of ten.
Positive
Setting up Logsign SIEM is not difficult, especially with the support of managed services. Our Logsign team helped with the initial configuration, making the process relatively easy and completed within a few days. The deployment process took around two to three days.
Using Logsign SIEM has saved us costs compared to other options like QRadar, which were too expensive for us. Logsign is a more affordable option. The license cost for Logsign SIEM varies based on the number of devices being monitored, with costs increasing as the number of devices increases.
Logsign SIEM seems to be following market trends by adapting its pricing model based on the number of devices rather than data volume. This aligns with how other solutions are evolving in the market.
I would recommend Logsign SIEM to others, especially for those with budget constraints. It is a good product despite some financial considerations.
Overall, I would rate the product as an eight out of ten.

Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats.
I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts.
I have been using Logsign Next-Gen SIEM for the past year.
It is scalable.
The support team for Logsign Next-Gen SIEM is excellent. Compared to other SIEM solutions like IBM QRadar and LogRhythm, Logsign's support team responds within one to two hours for deployment issues and integration challenges.
The initial installation and setup of Logsign Next-Gen SIEM was straightforward and easy, especially compared to products like Splunk and LogRhythm. Within fifteen days of working with Logsign, I was fully prepared and understood everything. In contrast, LogRhythm's setup can be confusing due to its various components.
I prefer Logsign for our company's deployment in Saudi Arabia because the pricing is reasonable, and integration is straightforward. But if the pricing isn't favorable, we consider switching to another product. As an MSSP or system integrator, it's crucial to offer customer quality features at competitive prices to ensure satisfaction and value.
I would rate Logsign as an 8 out of 10. The support team is responsive, the platform is user-friendly with easy installation and integration, and the documentation is helpful. There is room for improvement in third-party integrations and pricing strategies.
The solution is used as a security monitoring solution. We are collecting logs from different security products in the infrastructure, like firewalls and EDR. They were using mainly Windows SIEM. We create groups to monitor the security and possible attacks.
The solution secures attacks and monitors too. If there's a real attack running and we need to apply a solution first, we opt for Logsign. A couple of times, the solution has saved customers from security attacks. There's a legal law in Turkey: if you face any security attack, you must provide logs to the legal authorities. We had to provide some logs to legal authorities, and Logsign helped.
Logsign has a very user-friendly interface. It is easy to use and find the features that you need. When compared to other solutions in that budget, it is working fast. You never experienced any slowness in the alerts with the needed resources. It is doing the job. The correlation part is complex. When we talked to support, it was hard to correlate events to security monitoring. Overall, it is doing the job, and you were able to monitor the security within the budget.
Logsign is a log management system based on Elasticsearch. When creating alerts and correlations, you use the Kibana query, based on the Elasticsearch queries. The query language is freaky. It's not always possible to correlate some of that. Logsign needs to fix the correlation engine. So you can monitor and correlate events on the different parts of the system. Also, users need to be able to build the alerts and regulations much easier.
I have been using Logsign Next-Gen SIEM for more than 18 months.
The product can work stably, but you must configure and monitor everything perfectly. Sometimes, when you misconfigure something you are unaware of, you experience some issues.
You can set up different instances, which is crucial for SIEM. You don't miss any logs or events.
The company is growing fast. They hire new support for SIEM. You may struggle with the support. In general, they have great knowledge of the product. They know what they need to do both product-wise and security-wise. Whenever you need help at night or on weekends, you always find someone to help you.
Positive
The initial setup is easy. Logsign support deals with it. You just provide a server to them, and they install the product. It is budget-friendly every time. The first step is to provide the server with strong SIEM resources like CPU, memory, etc. You also need to give them a VPN connection to connect and do the setup. When you open a support ticket, they connect with the VPN and apply the solution. They help you collect logs or forward logs from the different servers or products on the network or offline products. The process takes up to a month. You need to work together with the Logsign support. You need to collect the logs and forward them to Logsign from each product or each part of your system. After that, you will be able to monitor the system security.
You need support occasionally. Whenever you update the product, you’ll experience downtime. You need to plan with the support and set up a meeting to apply the updates. There are updates constantly released. You cannot keep up with the version every time. Logsign is a good choice depending on the budget. If your budget is limited and you have some different uses for that budget for a different security solution, you can choose Logsign because it's cheaper than international products, and it does the job. You need to limit your expectations. Logsign is a viable solution. Overall, I rate the solution a seven out of ten.