I primarily use CrowdStrike, along with some other solutions. I have been using Falcon LogScale for approximately a year now. I like Falcon LogScale for threat hunting primarily. I use it to make queries to see what is in my environment. I am curious about what a user is running and what websites are being accessed. I may have some websites I expect users not to visit, so I use it to query such websites. If I find one, I also correlate across the board to see who is accessing that website. I also use it for executables and threat hunting. I look for certain executables in my environment to see if my customers, users, or staff are making use of certain applications. I can run correlations across the board, and then analyze processes. You can use it to customize your monitoring. You can have a schedule for your queries such that you can write a query to do certain actions when an event occurs. You can also use it together with Falcon Workflow. Falcon Workflow can help you correlate or find data on your mail server, for instance. What you identify on your mail server could be a trigger for many more operations that the SOC analyst would usually do.
Security Consultant at a tech vendor with 10,001+ employees
MSP
Top 5
Mar 4, 2026
I work as a security consultant for customers. I am currently working on multiple solutions including Trend Micro, CrowdStrike, and Microsoft. I have over 14 years of overall experience, but I would reduce around four years from that period since I was working in a BPO. After those four years, I have been working with a different company as a consultant, so I would say I have 10 plus years of experience in this field.
Developer at a manufacturing company with 201-500 employees
Real User
Top 5
Dec 2, 2025
My main use case for Falcon LogScale is using it as a SIEM to collect logs. I collect all firewall logs and Active Directory logs through Falcon LogScale as a SIEM for collecting logs.
Lead Engg. Information Assurance at ACPL Systems Pvt Ltd
Real User
Top 5
Oct 16, 2024
Initially, the log was for log management. We store our logs for achieving compliance and log retention for longer periods. This function, LogScale, is now a platform where we can do correlation as well. It has become a next-generation SIM.
Technical Manager at a tech vendor with 11-50 employees
Real User
Top 10
Sep 25, 2024
This is a next-generation SIEM solution. It's used for fast search results compared to traditional SIEM solutions that take much longer due to the huge volume of data.
Security | SIEM Engineer at a tech services company with 51-200 employees
Real User
Oct 11, 2023
As an MSSP company, we work with various products and tools, including Falcon EDR and Falcon LogScale by CrowdStrike. We handle the configurations, integrations, and other tasks related to these tools on our tenant. We also create dashboards, perform quarantines, and use it for log management and fast data access.
Falcon LogScale is a modern log management tool that offers robust features for organizations seeking efficient log analysis. It provides high-speed log ingestion and query capabilities, enabling detailed insights into system performance and security events.
Falcon LogScale provides an efficient way for IT teams to handle massive volumes of log data. Its architecture supports rapid ingestion and real-time querying, making it ideal for security and operational analytics. With customizable...