Features by license
License types
Logpresso Sonar offers four license types.
- Logpresso Sonar 5.0 Light:
- Log management license. Displayed as "LIGHT" on the license management screen.
- Logpresso Sonar 5.0 Light HA
- Log management license. A version of the LIGHT license that supports server redundancy. Displayed as "LIGHT HA" on the license management screen.
- Logpresso Sonar 5.0
- SIEM license. Adds detection scenarios, ticket and event management, and response integration features on top of the Light HA license. Displayed as "SONAR" on the license management screen.
- Logpresso Sonar 5.0 Maestro
- SOAR license. Includes playbook-based response features. Displayed as "MAE" on the license management screen.
Features by license type
The following table summarizes the features available for each license type.
| Menu | Feature | LIGHT / LIGHT HA | SONAR | MAE |
|---|---|---|---|---|
| Home | - | - | O | O |
| Intelligence | CVE | O | O | O |
| Intelligence | CWE | O | O | O |
| Intelligence | CAPEC | O | O | O |
| Dashboard | - | O | O | O |
| Logger | Loggers | O | O | O |
| Logger | Parsers | O | O | O |
| Logger | Log Schemas | O | O | O |
| Logger | Logger Models | O | O | O |
| Analysis | AI Assistant | O | O | O |
| Analysis | Event Summary | - | O | O |
| Analysis | Events | - | O | O |
| Analysis | Logs | O | O | O |
| Analysis | Lookup | O | O | O |
| Analysis | Pivots | O | O | O |
| Analysis | Datasets | O | O | O |
| Analysis | Queries | O | O | O |
| Analysis | Scheduled Queries | O | O | O |
| Analysis | Procedures | O | O | O |
| Analysis | Reports | O | O | O |
| Analysis | Data Catalog | O | O | O |
| Analysis | Glossary | O | O | O |
| Analysis | MITRE ATT&CK * | O | O | O |
| Response | Tickets | - | O | O |
| Response | Ticket Repositories | - | O | O |
| Response | Explanations | - | O | O |
| Response | Response Logs | - | O | O |
| Response | Playbook History | - | - | O |
| Response | Approval Requests | - | - | O |
| Response | Approval Logs | - | - | O |
| Policy | Stream Rules | - | O | O |
| Policy | Batch Rules | - | O | O |
| Policy | ML Models | O | O | O |
| Policy | Threat Intelligence | O | O | O |
| Policy | Behavior Profiles | O | O | O |
| Policy | ML Datasets | O | O | O |
| Policy | Sites | O | O | O |
| Policy | Assets | O | O | O |
| Policy | Address Groups | O | O | O |
| Policy | Subnet Groups | O | O | O |
| Policy | Port Groups | O | O | O |
| Policy | User-Defined Filters | O | O | O |
| Policy | Pattern Groups | O | O | O |
| Policy | Alarm Groups | O | O | O |
| Policy | Signatures * | O | O | O |
| Policy | Playbooks | - | - | O |
| Policy | Indicators | - | - | O |
| Users | Users | O | O | O |
| Users | User Groups | O | O | O |
| Users | Employees | O | O | O |
| Apps | - | O | O | O |
| Settings | Cluster | O | O | O |
| Settings | Sentries | O | O | O |
| Settings | Performance Monitor | O | O | O |
| Settings | Tables | O | O | O |
| Settings | Encryption Profiles | O | O | O |
| Settings | License | O | O | O |
| Settings | Mail Server | O | O | O |
| Settings | Push Template | - | O | O |
| Settings | Query Monitor | O | O | O |
| Settings | Audit Logs | O | O | O |
| Settings | System Log | O | O | O |
| Settings | Connect Profiles | O | O | O |
| Settings | Response Targets | - | O | O |
| Settings | Certificates | O | O | O |
| Settings | Packages | O | O | O |
| Settings | AI Prompt | O | O | O |
* MITRE ATT&CK and Signatures menus are displayed only when the XDR feature flag is included in the license, regardless of license tier.