We performed a comparison between ArcSight Intelligence and ManageEngine Log360 based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The UI-based analytics are excellent."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The ability to tailor an environment to suit our specific use cases is a major advantage of ArcSight compared to other logging servers such as Splunk."
"The platform helps us improve threat detection capabilities."
"The product has a valuable interface."
"We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way."
"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"The deployment is quite simple and pretty straightforward."
"You can have all of the logs from servers to network and it gets sent out to the correct owners. This is very helpful."
"ManageEngine Log360 is not difficult to deploy."
"The product is very user-friendly."
"The reports that you can run are really nice."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"We are invoiced according to the amount of data generated within each log."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"The troubleshooting has room for improvement."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The dashboard is not user-friendly and is in black and white."
"ArcSight Intelligence's pricing needs improvement."
"ArcSight Intelligence is a bit slower, and its speed should be improved."
"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."
"We haven't found the product fully scalable."
"Their technical support should be improved."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"The support needs improvement."
"We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot."
"On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits."
"It is not expensive compared to other solutions."
"The matter of the data retention needs to be addressed."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
ArcSight Intelligence is ranked 33rd in Security Information and Event Management (SIEM) with 5 reviews while ManageEngine Log360 is ranked 24th in Security Information and Event Management (SIEM) with 15 reviews. ArcSight Intelligence is rated 8.0, while ManageEngine Log360 is rated 7.2. The top reviewer of ArcSight Intelligence writes "A user-friendly solution that can be used to integrate the logs properly with different connectors". On the other hand, the top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". ArcSight Intelligence is most compared with ArcSight Enterprise Security Manager (ESM) and Exabeam Fusion SIEM, whereas ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and SolarWinds Security Event Manager . See our ArcSight Intelligence vs. ManageEngine Log360 report.
See our list of best Security Information and Event Management (SIEM) vendors and best User Entity Behavior Analytics (UEBA) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
