No more typing reviews! Try our Samantha, our new voice AI agent.

Cortex XSIAM vs ManageEngine EventLog Analyzer comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XSIAM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
8.6
Reviews Sentiment
6.7
Number of Reviews
16
Ranking in other categories
Identity Threat Detection and Response (ITDR) (6th), AI-Powered Cybersecurity Platforms (7th)
ManageEngine EventLog Analyzer
Ranking in Security Information and Event Management (SIEM)
42nd
Average Rating
7.4
Reviews Sentiment
7.3
Number of Reviews
12
Ranking in other categories
Log Management (36th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Cortex XSIAM is 1.7%, down from 2.8% compared to the previous year. The mindshare of ManageEngine EventLog Analyzer is 1.0%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Cortex XSIAM1.7%
ManageEngine EventLog Analyzer1.0%
Other97.3%
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer2541030 - PeerSpot reviewer
Cybersecurity Architect at a computer software company with 10,001+ employees
Unified security monitoring has simplified incident response and improved automated threat handling
The firewall side can make some improvements. I know the firewall on Cortex XSIAM is based on Windows. From what I have experienced so far, I have seen that the policies you can create are actually very in-depth. I mean, you can do most of the things and a lot of integration that you actually want. So if I want to choose to send things to WildFire, for example, I can choose to send it, I can choose to not send it. This basically offers flexibility to implement Cortex XSIAM in more standardized places where you maybe have a certification. I would say that the thing that maybe needs a bit more improvement is the fact that the one with the firewall because I have seen some things there that are kind of hard to manage. You do not really have a very easy way to manage those, unless you actually know where you have put them. So it is very inflexible. In the rest, you have a lot of playbooks that you can do and you can do lots of automation, which is actually easy to manage from what I have seen from my colleagues.
Md Abdul Hakim - PeerSpot reviewer
System Engineer at Corporate Projukti Limited
Efficient log management enhances activity monitoring despite VPN user issue
Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users. When a VPN user logs in, it doesn't really capture the time before this. If you're testing with existing or new device integration, then the product will be good in the market.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"The most valuable aspect is that Cortex XSIAM doesn't generate excessive alerts, refines all search results effectively, and filters out incidents where SOC intervention isn't necessary, allowing engineers to focus only on what matters."
"Cortex XSIAM enhances our ability to apply endpoint protection policies, implement restrictions, conduct scans, and engage in sandboxing."
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"For me, to have Cortex XSIAM available is to basically have integration of all log sources, all alerting, and so on and so forth from firewalls and different tools, to get everything in one place, and afterwards to be able to build on the information that is coming."
"The product integrates seamlessly with third-party solutions."
"Since implementing Cortex XSIAM, incident response times have been significantly reduced by approximately twenty percent."
"The most valuable feature is the integration capability."
"The tool's reports show activities."
"Our primary use case for this solution is detecting issues to provide customers with information."
"ManageEngine EventLog Analyzer is useful for log and alert correlation and is a full-function SIEM solution."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"The initial setup is straightforward"
"The dashboard for administrators or assigned engineers can identify vulnerabilities, activities, infected systems, large files, or DDoS attacks."
"ManageEngine EventLog Analyzer was a lower-cost alternative, and it was easier to install and manage."
"I have made use of technical support and am certainly very satisfied with them."
 

Cons

"It could provide more integration with a large variety of products."
"There is room for improvement in expanding integrations to include more cybersecurity solutions."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"The solution’s pricing and technical support could be improved."
"Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports."
"Cortex XSIAM is on the expensive side and requires substantial improvement in pricing."
"I would rate the overall stability a six or seven, as we have only used it for a few months and need a year of experience to provide a full assessment."
"The support could be a bit faster."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"Support could improve to make the solution better."
"The scalability is limited."
"The product does not have certain advantages, especially the correlation tools. It was not working as per our expectations."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"The first tier of customer service and support is not great, and additional upgrades could be included."
"Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users."
 

Pricing and Cost Advice

"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."
"The solution is expensive compared to its competitors."
"The solution comes at a significant cost."
"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."
"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."
"Licensing for ManageEngine EventLog Analyzer is paid yearly."
"There is a license required for these solutions. The customer can choose the license type, such as an annual license purchase or a perpetual license. If the customer wants maintenance they will have to pay annually."
"ManageEngine EventLog Analyzer is expensive. Its licensing costs are annual."
"ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license."
"We paid for the license of the solution and the deployment. The price of ManageEngine EventLog Analyzer is less expensive than other solutions."
"There is a yearly subscription for the solution."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
10%
Financial Services Firm
9%
Government
6%
Computer Software Company
10%
Comms Service Provider
8%
Financial Services Firm
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise5
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise7
Large Enterprise3
 

Questions from the Community

What is your experience regarding pricing and costs for Cortex XSIAM?
I did not participate in pricing discussions for Cortex XSIAM solutions, so I cannot provide a review regarding prices for this solution.
What needs improvement with Cortex XSIAM?
The firewall side can make some improvements. I know the firewall on Cortex XSIAM is based on Windows. From what I have experienced so far, I have seen that the policies you can create are actually...
What needs improvement with ManageEngine EventLog Analyzer?
Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users. When a VPN user logs in, it doesn't really capture the time before this. If yo...
What is your primary use case for ManageEngine EventLog Analyzer?
I find this solution useful for IT devices as a live stream to work with Syshun, serving as both the router and the target. All activities are logged, and they can be accessed within one console. T...
 

Also Known As

No data available
EventLog Analyzer
 

Overview

 

Sample Customers

Information Not Available
Moody National Bank, EnCircle, Goldleaf Financial Solutions, Inc, IBM, Ernst & Young, Micro Linear, Silverbeck-Rymer Solicitors, Provincial Court of British Columbia, Eleventh Judicial Circuit of Florida, OGILVY & MATHER, E! Entertainment, Tribune-Review Publishing Co.
Find out what your peers are saying about Cortex XSIAM vs. ManageEngine EventLog Analyzer and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.