No more typing reviews! Try our Samantha, our new voice AI agent.

Anomali vs ManageEngine EventLog Analyzer comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 18, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Anomali
Ranking in Security Information and Event Management (SIEM)
10th
Average Rating
8.0
Reviews Sentiment
6.2
Number of Reviews
13
Ranking in other categories
User Entity Behavior Analytics (UEBA) (5th), Advanced Threat Protection (ATP) (11th), Threat Intelligence Platforms (TIP) (3rd), Extended Detection and Response (XDR) (11th)
ManageEngine EventLog Analyzer
Ranking in Security Information and Event Management (SIEM)
42nd
Average Rating
7.4
Reviews Sentiment
7.3
Number of Reviews
12
Ranking in other categories
Log Management (36th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Anomali is 1.4%, up from 0.3% compared to the previous year. The mindshare of ManageEngine EventLog Analyzer is 1.0%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Anomali1.4%
ManageEngine EventLog Analyzer1.0%
Other97.6%
Security Information and Event Management (SIEM)
 

Featured Reviews

TarunKumar11 - PeerSpot reviewer
Global Leadership Council at a tech company with 10,001+ employees
Strategic threat intelligence has improved detection speed and consistently reduces analyst workload
Anomali can be improved in various aspects. Its AI-driven automation can further advance, and AI-powered investigation summaries can improve. User experience could be enhanced through simplification of workflows. Better board-level cyber risk dashboards could provide easier visualization. Additionally, Anomali could work on simplifying the pricing structure. Although it excels in threat intelligence aggregation and operationalization, stronger GenAI capability, improved executive reporting, and a more intuitive workflow for analysts would further increase SOC efficiency and add more business value. Regarding Anomali's AI capabilities, governance and security are quite good. Anomali has incorporated AI and machine learning primarily to improve correlation and prioritization. These capabilities are valuable but could be more mature. The platform could achieve better threat correlation, prioritization, more anomaly detection, and allow AI to accelerate intelligence analysis while further improving quality and relevance. The accuracy and reliability of Anomali's AI output are fairly reasonable and good. The AI engine works well, but this capability could be improved. Better threat correlation with threat actors, certain indicators of compromise, malware, and campaigns is possible. Threat prioritization could increase, and alert noise could be reduced through further de-duplication. While reasonable, this is not the best available, and other products possibly have more AI maturity, such as Recorded Future and CrowdStrike Falcon.
Md Abdul Hakim - PeerSpot reviewer
System Engineer at Corporate Projukti Limited
Efficient log management enhances activity monitoring despite VPN user issue
Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users. When a VPN user logs in, it doesn't really capture the time before this. If you're testing with existing or new device integration, then the product will be good in the market.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Anomali has positively impacted our organization with many improvements since we started using it, as we receive many block hits from them, and we can say that our coverage has been extended to 90% because we do MITRE mapping."
"Anomali is a very versatile platform, quite effective, and very fast when it comes to downloading and maintaining the information of the indicators of compromise."
"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"I think it's one of the awesome tools I've worked with to date."
"The most valuable aspect of Anomali is the threat modeling capability."
"With Anomali, we benefit by obtaining threat information prior to incidents, making our threat hunts proactive and having incident response plans ready, which saves almost 40% of the time from the traditional model."
"Anomali positively impacts our organization, notably improving our vulnerability management program under reducing attack surface management."
"Anomali has positively impacted my organization because earlier we were not using any TIP format and were just dependent on open source, which gave us tons of irrelevant alerts, but with Anomali, we now get very specific and targeted alerts, allowing us to navigate through a handful of alerts that are applicable to us and saving a ton of working hours."
"The tool's reports show activities."
"I have made use of technical support and am certainly very satisfied with them."
"ManageEngine EventLog Analyzer is useful for log and alert correlation and is a full-function SIEM solution."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications; it seamlessly integrates throughout the ManageEngine suite, and that's beneficial, and I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"The log management has helped to improve my organization."
"The user interface is very good."
"ManageEngine EventLog Analyzer was a lower-cost alternative, and it was easier to install and manage."
"The initial setup is straightforward"
 

Cons

"Anomali can be improved by expanding its capability to capture a broader range of threats because it currently has limitations and may not catch everything occurring in the world, especially from the dark web."
"Support in the past has been top-notch, but recent trends indicate that it has taken a back seat, as we often don't get answers for days."
"Pricing and licensing are good, but the costs for purchasing threat feeds are somewhat complicated and a bit on the higher side."
"Anomali can be improved, specifically the Security Analytics feature, because I feel there is a slight lag in that."
"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"My experience with Anomali's customer support has not gone so well for us."
"I believe Anomali could be improved by making the user interface more user-friendly."
"I can mention one point regarding improvements for Anomali, which is more enhanced reporting flexibility."
"It may not be as easy to use as Splunk."
"Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users."
"The first tier of customer service and support is not great, and additional upgrades could be included."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"I would like to see more detailed reports."
"The scalability is limited."
"There's a lot to improve in terms of connectivity. Currently, we're utilizing it across various infrastructures and environments, including others' cloud. However, connecting it to our infrastructure and integrating it with some of our SMAX solutions poses difficulties."
 

Pricing and Cost Advice

"When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."
"Licensing for ManageEngine EventLog Analyzer is paid yearly."
"There is a yearly subscription for the solution."
"ManageEngine EventLog Analyzer is expensive. Its licensing costs are annual."
"We paid for the license of the solution and the deployment. The price of ManageEngine EventLog Analyzer is less expensive than other solutions."
"ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license."
"There is a license required for these solutions. The customer can choose the license type, such as an annual license purchase or a perpetual license. If the customer wants maintenance they will have to pay annually."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Manufacturing Company
9%
Construction Company
8%
Computer Software Company
6%
Computer Software Company
10%
Comms Service Provider
8%
Financial Services Firm
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise1
Large Enterprise14
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise7
Large Enterprise3
 

Questions from the Community

What is your experience regarding pricing and costs for Anomali Enterprise?
My experience with pricing involved a yearly, two-year contract; I can't specify the setup cost, but it was aligned with our budget, so I consider it good.
What needs improvement with Anomali ThreatStream?
I can mention one point regarding improvements for Anomali, which is more enhanced reporting flexibility. The reporting provided to us is not too detailed and could be more enhanced. Better filteri...
What is your primary use case for Anomali ThreatStream?
I was using Anomali primarily for threat intelligence operations, security monitoring, and threat detection initiatives. I was part of the SOC team, and my role and responsibilities involved workin...
What needs improvement with ManageEngine EventLog Analyzer?
Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users. When a VPN user logs in, it doesn't really capture the time before this. If yo...
What is your primary use case for ManageEngine EventLog Analyzer?
I find this solution useful for IT devices as a live stream to work with Syshun, serving as both the router and the target. All activities are logged, and they can be accessed within one console. T...
 

Also Known As

Match, Lens, ThreatStream, STAXX, Anomali Security Analytics
EventLog Analyzer
 

Overview

 

Sample Customers

Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network
Moody National Bank, EnCircle, Goldleaf Financial Solutions, Inc, IBM, Ernst & Young, Micro Linear, Silverbeck-Rymer Solicitors, Provincial Court of British Columbia, Eleventh Judicial Circuit of Florida, OGILVY & MATHER, E! Entertainment, Tribune-Review Publishing Co.
Find out what your peers are saying about Anomali vs. ManageEngine EventLog Analyzer and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.