Falcon LogScale Reviews

Name: Falcon LogScale
Brand: CrowdStrike
Rating: 4.2 (10 reviews)

Vendor: CrowdStrike

4.2 out of 5

10 reviews
100% willing to recommend

Leave a review

What is Falcon LogScale?

Falcon LogScale is a modern log management tool that offers robust features for organizations seeking efficient log analysis. It provides high-speed log ingestion and query capabilities, enabling detailed insights into system performance and security events.

Get the Log Management Buyer's Guide and find out what your peers are saying about Falcon LogScale, Datadog, Splunk Enterprise Security and more!

Falcon LogScale is the #33 ranked solution in Log Management Software. PeerSpot users give Falcon LogScale an average rating of 8.4 out of 10. Falcon LogScale is most commonly compared to Datadog: Falcon LogScale vs Datadog. Falcon LogScale is popular among the large enterprise segment, accounting for 53% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 16% of all views.

Buyer's Guide

Log Management

March 2026

Get the category report

Helped 885,376 peers since 2012

Featured Falcon LogScale reviews

Oluwajuwon Olorunlona

Cyber Security Engineer at eprocessconsulting

CrowdStrike is ahead of the game. If I may say anything about Falcon LogScale to improve the services, I would talk about the way you develop parsers. The documentation should be more straightforward. It is not easy to quickly find the documentation, especially if you are using CrowdStrike. Most customers use Falcon LogScale because of CrowdStrike. The documentation of Falcon LogScale is not on the CrowdStrike portal just like the rest of Falcon documentation. I usually find that the main Falcon LogScale documentation is found on the Falcon LogScale website itself. I think there should be a link or direct documentation within the CrowdStrike pages. It is not necessarily a fault. If you find where the documentation resides, you can trace it to what they are doing. However, for the ease of use for Falcon administrators, the same documentation on the Falcon LogScale portal should be on the CrowdStrike dashboard.

Read full review

Sydney D'Souza

Security Consultant at a tech vendor with 5,001-10,000 employees

I have not worked on that particular part, but regarding improvement, KQL seems to be quite complicated and we have to brush up on that if we want to become an expert on it. KQL is a bit challenging for us. When we talk about Microsoft, KQL is simpler when compared to SQL. However, SQL is faster and quite efficient, but the language is a bit tough, maybe because it is new. I have just been working with it for the past two years. If I have more exposure in the coming years, it will become an easier option for me. KQL should be simplified, which would be a better thing. The documentation should not only be private but should be made public. Though we are partners and have access to those documents, sometimes I conduct testing on my own and have to log into a partner account or customer account to access those documents. That has to be improved. SQL has to be improved as well. When it comes to the overall Falcon LogScale console, it could be easier if it were made more attractive. For example, if something is shown on the dashboard with simplified icons and text, it would be a great option if there were some colors or larger icons. One drawback I have seen with Falcon LogScale is that there is something that cannot be customized. There is an account detection that seems to be a systematic account, and if we want to change it from a systematic account to a user account when it is detecting a system account, that seems to be a problem for us.

Read full review

DeepPujara

Siem Engineer at Data Elicit Solutions Pvt. Ltd.

I want the alerts to be pretty much easy and configurable for detection, and if I get the workflow option for XDR to automate my responses, that would be great. Previously I was using Splunk, which was pretty much customizable. I could create an add-on for anything or any data if I wanted to get that data. The connector data to ingest third-party data is missing. I can ingest the data via Falcon LogScale collector, but we don't have any option to create connectors for getting data. In Falcon NG-SIEM, which I have used, there is a feature called connectors where we can easily get any data in a few minutes, but we don't have any kind of options for connectors in Falcon LogScale. Sometimes it takes about four to five days or a week to escalate the case, so it is slow compared to other platforms. They can improve on that part. The UI part was an issue for us in the initial days, but in terms of reliability and performance, it is working well for us.

Read full review

Falcon LogScale mindshare

As of March 2026, the mindshare of Falcon LogScale in the Log Management category stands at 0.9%, up from 0.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Log Management Mindshare Distribution
Product	Mindshare (%)
Falcon LogScale	0.9%
Wazuh	7.5%
Splunk Enterprise Security	6.8%
Other	84.8%

Log Management

Key learnings from peers

Last updated Mar 31, 2026

Valuable Features

Falcon LogScale is praised for its seamless integration with existing solutions like IDP, EDR, and XDR. Its fast query speed and customizable dashboard are highly valued. Users enjoy quick log data retrieval, impressive data retention, and flexible monitoring capabilities. Insights and AI-driven query assistance enhance usability. They benefit from fast search functionality, index-free data retention, and scalability that provide enhanced visibility and efficient troubleshooting across organizations, particularly within financial sectors such as banking and insurance.

"Falcon LogScale stores logs without heavy indexing and searches directly, making it very fast."
"I would highly recommend Falcon LogScale due to its search performance and index-free architecture, and it is low cost."
"The biggest advantages of Falcon LogScale are the speed at which the queries return to you and the ease of use."

Room for Improvement

Falcon LogScale's complexity challenges users, especially in customizing queries beyond built-in options. The integration of Charlotte AI improved usability but data retention remains incomplete. KQL is difficult compared to SQL, and documentation should be publicly accessible. Improvements in parser development and integration with CrowdStrike's portal are needed. The console could benefit from better dashboard design with more user-friendly features like icons and color coding. Pricing and parser writing for unsupported devices warrant attention.

"One more point about areas for improvement is the visualization depth. Splunk, which I used, has very good visualization compared to Falcon LogScale."
"Sometimes it takes about four to five days or a week to escalate the case, so it is slow compared to other platforms."
"CrowdStrike support is not good."

Pricing

Falcon LogScale pricing varies, with users praising its cost-effectiveness, especially under national tenders. Many appreciate its efficient log ingestion and inbuilt features like indexing and parsing. While some describe the price as moderate and suitable for mature enterprises, others note an average cost, rating it six or seven out of ten. Overall, pricing is viewed as straightforward with relatively low setup costs.

Popular Use Cases

Organizations utilize Falcon LogScale primarily as a SIEM for log collection and analysis. They use it for identifying anomalies, threat hunting, creating dashboards, conducting in-depth analyses, and gaining fast search capabilities. They appreciate its ability to handle large data volumes quickly and use it for compliance and log retention. Some customize monitoring and schedule queries for specific events, while others take advantage of its integration with other CrowdStrike tools. Falcon LogScale supports customized solutions and specialized reporting needs.

Service and Support

Falcon LogScale's support includes clear documentation, a user-friendly support link in the console, and responsive service with minimal delays. Users engage in workshops with experts for greater insight. Some users face repeated queries that prolong resolution, indicating scripted responses. Despite this, others report highly responsive and helpful interactions, rating support between 7 and 10. Occasional delays occur with on-premises issues, yet several maintain satisfaction, noting prompt updates and effective customer service.

Deployment

Many found Falcon LogScale's initial setup straightforward, especially with existing CrowdStrike integration. They appreciated the comprehensive documentation, allowing easy deployment. While deploying on the cloud was simple and quick, installing on-premises was complex. Users valued better visibility and the well-defined process, comparing it favorably to Microsoft and Trend Micro. They found it intuitive, with the dashboard and kill chain process enhancing their experience.

Scalability

Falcon LogScale is cloud-based and designed for scalability. Users appreciate its seamless integration with various cloud assets and effective handling of large data volumes while keeping response times steady. Its default configuration enables automatic association of critical incidents across different log sources, simplifying operations. Though smaller organizations haven't scaled extensively, they express openness to future expansion. There are minor notes on improving visualization and representation for enhanced scalability.

Stability

Falcon LogScale demonstrates consistent stability and reliability, handling substantial data ingestion effortlessly. Users note no significant issues and find data retrieval from months ago nearly instantaneous. There are no complexities with its stability, achieving a high rating of nine out of ten. Users highlight a lack of downtime, confirming Falcon LogScale's capacity to maintain strong performance.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Log Management Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	3
Large Enterprise	2

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	47
Midsize Enterprise	38
Large Enterprise	94

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

16%

Manufacturing Company

11%

Government

Media Company

Healthcare Company

Comms Service Provider

Financial Services Firm

Energy/Utilities Company

Educational Organization

Retailer

Insurance Company

Construction Company

Outsourcing Company

Non Profit

Transportation Company

University

Logistics Company

Wholesaler/Distributor

Hospitality Company

Marketing Services Firm

Consumer Goods Company

Real Estate/Law Firm

Sports Company

Leisure / Travel Company

Pharma/Biotech Company

Performing Arts

Compare Falcon LogScale with alternative products

Learn more about Falcon LogScale

Falcon LogScale provides an efficient way for IT teams to handle massive volumes of log data. Its architecture supports rapid ingestion and real-time querying, making it ideal for security and operational analytics. With customizable search capabilities, it allows deep analysis to detect anomalies and troubleshoot issues effectively. Users appreciate its scalability and performance-driven approach, making it suitable for large infrastructures.

What are the most important features of Falcon LogScale?

High-Speed Log Ingestion: Manages vast amounts of log data swiftly and efficiently.
Real-Time Querying: Enables quick analysis and insights into current data.
Scalability: Designed to grow with the expanding needs of large organizations.
Customizable Searching: Offers granular search options for precise data examination.

What benefits or ROI should be anticipated?

Enhanced Operational Efficiency: Streamlines log analysis processes.
Improved Security Posture: Identifies security threats quickly through powerful search and alert capabilities.
Cost-Effective Scaling: Offers scalable solutions that grow with business needs.
Time Savings: Reduces time spent on log data management and analysis.

Falcon LogScale is particularly beneficial in industries requiring detailed compliance reporting and real-time threat detection, such as finance and healthcare. It's implemented to support security operations and incident response teams by providing timely insights and operational efficiencies.

Product Categories

Log Management

Popular Comparisons

Datadog vs Falcon LogScale

Splunk Enterprise Security vs Falcon LogScale

Dynatrace vs Falcon LogScale

IBM Security QRadar vs Falcon LogScale

Cribl vs Falcon LogScale

Grafana Loki vs Falcon LogScale

Security Onion vs Falcon LogScale

Graylog Enterprise vs Falcon LogScale

LogRhythm SIEM vs Falcon LogScale

Elastic Stack vs Falcon LogScale

Amazon OpenSearch Service vs Falcon LogScale

Amazon CloudWatch vs Falcon LogScale

Fortinet FortiAnalyzer vs Falcon LogScale

ManageEngine Log360 vs Falcon LogScale

Sumo Logic Security vs Falcon LogScale

See all alternatives

Falcon LogScale Reviews Summary
Author info	Rating	Review Summary
Cyber Security Engineer at eprocessconsulting	4.0	I use Falcon LogScale primarily for threat hunting, valuing its fast queries, ease of use, and AI capabilities for significant ROI. However, I find its parser documentation challenging and CrowdStrike's customer service responses unsatisfactory.
Security Consultant at a tech vendor with 5,001-10,000 employees	4.0	I’ve used Falcon LogScale for two years and value its NG SIEM, exposure/identity features, fast SQL, and customizable portal that correlates incidents across sources. Setup and support are solid and pricing efficient, but KQL is hard, docs are restricted, UI needs improvement, and some detections aren’t customizable.
Siem Engineer at Data Elicit Solutions Pvt. Ltd.	4.0	I find Falcon LogScale excellent for fast searching and insights due to its index-free architecture, significantly improving security and saving time. I do wish alerting was simpler and it offered more customizable data ingestion connectors for third-party sources.
CTO at Trust-IT Solutions	5.0	We leverage Falcon LogScale as our SIEM for log analysis and anomaly detection, valuing its seamless CrowdStrike integration and insights. Charlotte AI has improved query complexity, though data retention costs are a concern. It's a stable, scalable solution.
Soc Analyst at a tech consulting company with 11-50 employees	4.0	I find Falcon LogScale excellent for fast, real-time threat hunting, thanks to its index-free search and powerful query language. While its visualization depth could improve compared to Splunk, it's a very good, speedy product that I highly recommend.
Developer at a manufacturing company with 201-500 employees	4.5	I've used Falcon LogScale for a year as a SIEM to collect logs, appreciating its scalability, fast search, and visibility for troubleshooting. It's stable, cost-effective, easy to use, and supported by responsive customer service.
Sales Representative at a tech vendor with 5,001-10,000 employees	4.0	I’ve worked around Falcon LogScale for five years as an account manager; my customers mainly use its search and visualization. We implement with CrowdStrike’s help, and support seems strong. In regulated Germany, DORA and paperwork make implementation a long process on hybrid Azure.
Lead Engg. Information Assurance at ACPL Systems Pvt Ltd	4.0	I primarily use Falcon LogScale for log management, compliance, and retention, appreciating its fast search and index-free retention. Improvements are needed in integration and dashboard usability, with OpenText and IBM QRadar as notable competitors in this space.

Falcon LogScale Reviews

What is Falcon LogScale?

Featured Falcon LogScale reviews

Falcon LogScale mindshare

Valuable Features

Room for Improvement

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Falcon LogScale with alternative products

Learn more about Falcon LogScale

Related questions

Product Categories

Popular Comparisons