We performed a comparison between LogPoint and Wazuh based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: LogPoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. Wazuh stands out for its effortless integration, excellent log monitoring capabilities, and ELK-based investigation.LogPoint can improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment. Wazuh needs improvements in event source coverage, threat intelligence integration, and real-time monitoring of Unix systems.
Service and Support: LogPoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support. Wazuh's customer service is generally deemed satisfactory, and many customers noted that they could easily find answers from community forums.
Ease of Deployment: The complexity of LogPoint's initial setup can range from complex and time-consuming to fast and easy, depending on the user's experience and the organization’s size. Some users said that Wazuh’s setup is easy and fast, while others perceived it as complicated and said it required a significant amount of time.
Pricing: LogPoint's fixed pricing model is seen as cost-effective and competitive. Wazuh is a cost-effective option as it is open-source and completely free to acquire.
ROI: LogPoint makes costs more predictable and enables companies to generate revenue through security operation services. Wazuh's MSP program and partnerships offer opportunities to generate revenue from the platform.
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The solution's user interface is quite simple, and the integration is better than other products."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"Log collection, dashboards and reporting are good."
"The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs."
"They basically charge you in a better way."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"I like that the solution is on top of the Kubernetes stack."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"It offers built-in modules for file integrity and vulnerability management."
"Wazuh is simple to use for PCI compliance."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"The product is easy to customize."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The AI capabilities must be improved."
"What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"It is a good product, but its interface or GUI could be better."
"Nowadays the trend is going towards the ransomware and the endpoint detection and response. So if they added something for that, that will be very, very good."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"LogPoint must find a way to integrate the servers without agents."
"Logpoint is not flexible. Its documentation is not user-friendly."
"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"The computing resources are consuming and do not make sense."
"The deployment is a bit complex."
"Wazuh is missing many things that a typical SIEM should have."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"Integration with Vyara could be better."
"Some features, like alerting, are complex with Wazuh."
Logpoint is ranked 29th in Log Management with 20 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Logpoint is rated 7.4, while Wazuh is rated 7.4. The top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, LogRhythm SIEM and Fortinet FortiSIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and CrowdStrike Falcon. See our Logpoint vs. Wazuh report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.