ManageEngine EventLog Analyzer vs OpenText Enterprise Security Manager comparison

ManageEngine EventLog Analyzer vs. OpenText Enterprise Security Manager

Download the complete report

Helped 870,697 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

ManageEngine EventLog Analyzer

Ranking in Security Information and Event Management (SIEM)

47th

Average Rating

7.4

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Log Management (41st)

OpenText Enterprise Securit...

Ranking in Security Information and Event Management (SIEM)

21st

Average Rating

7.8

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of October 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ManageEngine EventLog Analyzer is 1.0%, down from 1.0% compared to the previous year. The mindshare of OpenText Enterprise Security Manager is 1.6%, up from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
OpenText Enterprise Security Manager	1.6%
ManageEngine EventLog Analyzer	1.0%
Other	97.4%

Security Information and Event Management (SIEM)

Featured Reviews

Md Abdul Hakim

System Engineer at Corporate Projukti Limited

Efficient log management enhances activity monitoring despite VPN user issue

Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users. When a VPN user logs in, it doesn't really capture the time before this. If you're testing with existing or new device integration, then the product will be good in the market.

Read full review

Ramnesh Dubey

Solutions Architect at Ericsson

Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods

The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The user interface is very good."

"I have made use of technical support and am certainly very satisfied with them."

"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."

"The initial setup is straightforward"

"It is stable."

"It's one of the easiest products. It's very simple to use."

"The tool's reports show activities."

"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."

More ManageEngine EventLog Analyzer pros

"This process has helped to improve our organization because we have centralized the intra-group security equipment logs."

"The tool sends an automated mail to all the operators, which makes it easy to share the information and reporting."

"The most valuable features of ArcSight ESM are the dashboards, ease of management for anyone, and simple for teams to provide reports related to cyber security. There are a lot of good features that are provided."

"The user interfaces are quite good and speedy."

"We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR."

"We use ArcSight ESM for log analysis and security alerts. It warns us of threats and then helps us conduct a forensic investigation of a cyber attack or internal incident after it happens."

"I value the event correlation of this product."

"On the positive side, ArcSight ESM's performance was excellent. It was very fast when writing queries. It provided good performance monitoring and had built-in rules to show which rules triggered most often and impacted performance. This performance monitoring was well-implemented."

More OpenText Enterprise Security Manager pros

Cons

"The solution should improve on its log capturing capabilities."

"The customization of reports could be a lot easier. It is not difficult but it could be made easier."

"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."

"The scalability is limited."

"There's a lot to improve in terms of connectivity. Currently, we're utilizing it across various infrastructures and environments, including others' cloud. However, connecting it to our infrastructure and integrating it with some of our SMAX solutions poses difficulties."

"I would like to see more detailed reports."

"Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users."

"Support could improve to make the solution better."

More ManageEngine EventLog Analyzer cons

"Its search part can be improved. When I go to the console and search for a few logs or something else, it takes a lot of time. When I try to search for three days or one week, it takes too much time. This is a major area of improvement. I wanted them to include features like SOAR, threat intelligence, and automation, and they seem to have included all these features in version 7.3 or 7.4."

"It is quite complex and could use a better UI. So the improvement would be a simplification. It is pretty complicated to use. The architecture is not complex but the setup and use are."

"They also could improve the product by integrating user and identity behavior analytics."

"They should try to include business logic vulnerabilities in the SIEM tool."

"It would be nice if the interface were more user-friendly, with, for example, a minimal number of tabs to navigate."

"The stability of ArcSight Enterprise Security Manager (ESM) is not very robust."

"I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions. We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved."

"When we need to consume old events, we have to wait for a long time. ArcSight should improve the database capability to reply to queries faster. It would also be interesting if they implemented network visibility. For example, they could add a feature like NetWitness with a model just for looking through the packets."

More OpenText Enterprise Security Manager cons

Pricing and Cost Advice

"There is a yearly subscription for the solution."

"We paid for the license of the solution and the deployment. The price of ManageEngine EventLog Analyzer is less expensive than other solutions."

"There is a license required for these solutions. The customer can choose the license type, such as an annual license purchase or a perpetual license. If the customer wants maintenance they will have to pay annually."

"ManageEngine EventLog Analyzer is expensive. Its licensing costs are annual."

"Licensing for ManageEngine EventLog Analyzer is paid yearly."

"ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license."

"Aggregation can help a lot in pushing down licensing costs."

"HPE ArcSight pricing might be more expensive than other SIEM solutions, but in my opinion it has powerful features and great flexibility in developing complex use cases."

"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."

"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."

"There is a license required for this solution."

"Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."

"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."

"We have a license to use this solution. The price of ArcSight Enterprise Security Manager is expensive."

More OpenText Enterprise Security Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

870,697 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jun 28, 2015

Qradar vs. ArcSight

Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

14%

Government

Manufacturing Company

Healthcare Company

Financial Services Firm

14%

Computer Software Company

11%

Manufacturing Company

11%

Performing Arts

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	7
Large Enterprise	2

By reviewers
Company Size	Count
Small Business	37
Midsize Enterprise	14
Large Enterprise	57

Questions from the Community

What do you like most about ManageEngine EventLog Analyzer?

The reporting features are noteworthy, as they provide templates that streamline the process of generating reports

What needs improvement with ManageEngine EventLog Analyzer?

What is your primary use case for ManageEngine EventLog Analyzer?

I find this solution useful for IT devices as a live stream to work with Syshun, serving as both the router and the target. All activities are logged, and they can be accessed within one console. T...

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?

In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...

What do you like most about ArcSight Enterprise Security Manager (ESM)?

We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.

What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?

ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.

ManageEngine Log360 vs ManageEngine EventLog Analyzer

Comparisons

Compared 38% of the time

Wazuh vs ManageEngine EventLog Analyzer

Compared 12% of the time

SolarWinds Kiwi Syslog Server vs ManageEngine EventLog Analyzer

Compared 9% of the time

Fortinet FortiAnalyzer vs ManageEngine EventLog Analyzer

Compared 8% of the time

Security Onion vs ManageEngine EventLog Analyzer

Compared 3% of the time

More ManageEngine EventLog Analyzer Competitors

Trellix ESM vs OpenText Enterprise Security Manager

Compared 18% of the time

IBM Security QRadar vs OpenText Enterprise Security Manager

Compared 11% of the time

Splunk Enterprise Security vs OpenText Enterprise Security Manager

Compared 9% of the time

SurfWatch Labs SurfWatch vs OpenText Enterprise Security Manager

Compared 7% of the time

Elastic Security vs OpenText Enterprise Security Manager

Compared 6% of the time

More OpenText Enterprise Security Manager Competitors

Product Reports

ManageEngine EventLog Analyzer

Download ManageEngine EventLog Analyzer product report

OpenText Enterprise Security Manager

Download OpenText Enterprise Security Manager product report

OpenText Enterprise Security Manager report

Also Known As

EventLog Analyzer

Micro Focus ArcSight, HPE ArcSight, ArcSight

Overview

Your organizations IT infrastructure generate huge amount of logs every day and these machine generated logs have vital information that can provide powerful insights and network security intelligence into user behaviors, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, etc. However, the task of analyzing these event logs and syslogs without automated log analyzer tools can be both time-consuming and painful if done manually.

EventLog Analyzer provides the most cost-effective Security Information and Event Management (SIEM) software on the market. Using this Log Analyzer software, organizations can automate the entire process of managing terabytes of machine generated logs by collecting, analyzing, correlating, searching, reporting, and archiving from one central location. This event log analyzer software helps to monitor file integrity, conduct log forensics analysis, monitor privileged users and comply to different compliance regulatory bodies by intelligently analyzing your logs and instantly generating a variety of reports like user activity reports, historical trend reports, and more.

ManageEngine

OpenText Enterprise Security Manager enables real-time threat detection through scalable and adaptable solutions, integrating seamlessly with multiple platforms for complex security scenarios across different environments.

OpenText Enterprise Security Manager offers extensive security monitoring capabilities, combining log analysis and incident management to enhance cybersecurity and compliance. Its powerful event correlation engine provides real-time alerts for rapid incident response. Users benefit from customizable dashboards and comprehensive log collection, making it a significant tool in the SIEM market. Flexible deployment options cater to both on-premises and cloud environments, supporting enterprises in managing IT infrastructure and threat detection efficiently.

What are the key features of OpenText Enterprise Security Manager?

Event Correlation Engine: Real-time threat detection with advanced correlation capabilities.
Scalability: Adapts to enterprise-level demands and complex security needs.
Integration: Seamlessly integrates with multiple platforms and third-party tools.
Customizable Dashboards: Tailored views and active lists enhance user experience.
Advanced Alerting: Provides timely incident response and security alerts.

Why should users look for reviews when evaluating OpenText Enterprise Security Manager?

Timely Incident Responses: Fast alerting and action against threats.
User-Friendly Experience: Customizable dashboards simplify monitoring tasks.
Comprehensive Security Management: Integrated log management and threat detection across domains.
Adaptability and Scalability: Supports both on-premises and cloud deployments.

In industries such as finance, healthcare, and energy, OpenText Enterprise Security Manager is implemented for monitoring critical systems and ensuring compliance with regulatory needs. Enterprises leverage its capabilities for forensic investigations and active threat management, serving as a central hub for cybersecurity operations across diverse IT infrastructures.

OpenText

Sample Customers

Moody National Bank, EnCircle, Goldleaf Financial Solutions, Inc, IBM, Ernst & Young, Micro Linear, Silverbeck-Rymer Solicitors, Provincial Court of British Columbia, Eleventh Judicial Circuit of Florida, OGILVY & MATHER, E! Entertainment, Tribune-Review Publishing Co.

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

ManageEngine EventLog Analyzer vs. OpenText Enterprise Security Manager