We performed a comparison between AlienVault OSSIM and ManageEngine EventLog Analyzer based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such as firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"Better than other SIEM solutions because almost everything can be integrated."
"The initial setup was straightforward. I didn't have any problems."
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service."
"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
"The solution is free to use."
"You can customize the dashboards as well as the reporting."
"With AlienVault you get everything in one box."
"The user interface is very good."
"It's one of the easiest products. It's very simple to use."
"The log management has helped to improve my organization."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"The initial setup is straightforward."
"I have made use of technical support and am certainly very satisfied with them."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"The tool's reports show activities."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"The troubleshooting has room for improvement."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"We'd like also a better ticketing system, which is older."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."
"AlienVault OSSIM is costly."
"They can add more compliance templates."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"The correlation engine needs to be improved."
"Sometimes technical issues take very long to get resolved."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"It may not be as easy to use as Splunk."
"The scalability is limited."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"I would like to see more detailed reports."
"The solution should improve on its log capturing capabilities."
"The first tier of customer service and support is not great."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 26 reviews while ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 10 reviews. AlienVault OSSIM is rated 7.4, while ManageEngine EventLog Analyzer is rated 7.8. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and ManageEngine Log360, whereas ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and SolarWinds Security Event Manager. See our AlienVault OSSIM vs. ManageEngine EventLog Analyzer report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.