No more typing reviews! Try our Samantha, our new voice AI agent.

Cortex XSIAM vs ManageEngine EventLog Analyzer comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XSIAM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
8.6
Reviews Sentiment
6.7
Number of Reviews
16
Ranking in other categories
Identity Threat Detection and Response (ITDR) (6th), AI-Powered Cybersecurity Platforms (7th)
ManageEngine EventLog Analyzer
Ranking in Security Information and Event Management (SIEM)
42nd
Average Rating
7.4
Reviews Sentiment
7.3
Number of Reviews
12
Ranking in other categories
Log Management (36th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Cortex XSIAM is 1.7%, down from 2.8% compared to the previous year. The mindshare of ManageEngine EventLog Analyzer is 1.0%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Cortex XSIAM1.7%
ManageEngine EventLog Analyzer1.0%
Other97.3%
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer2541030 - PeerSpot reviewer
Cybersecurity Architect at a computer software company with 10,001+ employees
Unified security monitoring has simplified incident response and improved automated threat handling
The firewall side can make some improvements. I know the firewall on Cortex XSIAM is based on Windows. From what I have experienced so far, I have seen that the policies you can create are actually very in-depth. I mean, you can do most of the things and a lot of integration that you actually want. So if I want to choose to send things to WildFire, for example, I can choose to send it, I can choose to not send it. This basically offers flexibility to implement Cortex XSIAM in more standardized places where you maybe have a certification. I would say that the thing that maybe needs a bit more improvement is the fact that the one with the firewall because I have seen some things there that are kind of hard to manage. You do not really have a very easy way to manage those, unless you actually know where you have put them. So it is very inflexible. In the rest, you have a lot of playbooks that you can do and you can do lots of automation, which is actually easy to manage from what I have seen from my colleagues.
Md Abdul Hakim - PeerSpot reviewer
System Engineer at Corporate Projukti Limited
Efficient log management enhances activity monitoring despite VPN user issue
Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users. When a VPN user logs in, it doesn't really capture the time before this. If you're testing with existing or new device integration, then the product will be good in the market.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"The product integrates seamlessly with third-party solutions."
"It does a better job of identifying anomalies that are more likely to be incidents of compromise without as many false positives or false negatives."
"The advanced visualization capabilities of the product are important for understanding security trends in an organization."
"Cortex XSIAM enhances our ability to apply endpoint protection policies, implement restrictions, conduct scans, and engage in sandboxing."
"Since implementing Cortex XSIAM, incident response times have been significantly reduced by approximately twenty percent."
"The most valuable aspect is that Cortex XSIAM doesn't generate excessive alerts, refines all search results effectively, and filters out incidents where SOC intervention isn't necessary, allowing engineers to focus only on what matters."
"The most valuable feature is the integration capability."
"The initial setup was very simple and straightforward, according to our security team."
"ManageEngine EventLog Analyzer was a lower-cost alternative, and it was easier to install and manage."
"It's one of the easiest products. It's very simple to use."
"The initial setup is straightforward"
"The reporting features are noteworthy, as they provide templates that streamline the process of generating reports"
"The log management has helped to improve my organization."
"The user interface is very good."
"I have made use of technical support and am certainly very satisfied with them."
 

Cons

"I would rate the overall stability a six or seven, as we have only used it for a few months and need a year of experience to provide a full assessment."
"I am not sure if any improvements are needed right now."
"It could provide more integration with a large variety of products."
"Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports."
"The standard integrations are very limited, and the integrations available are not listed in the marketplace. Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable compared to CrowdStrike."
"There is room for improvement in expanding integrations to include more cybersecurity solutions."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"The product does not have certain advantages, especially the correlation tools. It was not working as per our expectations."
"Support could improve to make the solution better."
"It may not be as easy to use as Splunk."
"The first tier of customer service and support is not great, and additional upgrades could be included."
"There's a lot to improve in terms of connectivity. Currently, we're utilizing it across various infrastructures and environments, including others' cloud. However, connecting it to our infrastructure and integrating it with some of our SMAX solutions poses difficulties."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
 

Pricing and Cost Advice

"The solution is expensive compared to its competitors."
"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."
"The solution comes at a significant cost."
"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."
"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."
"We paid for the license of the solution and the deployment. The price of ManageEngine EventLog Analyzer is less expensive than other solutions."
"There is a license required for these solutions. The customer can choose the license type, such as an annual license purchase or a perpetual license. If the customer wants maintenance they will have to pay annually."
"Licensing for ManageEngine EventLog Analyzer is paid yearly."
"ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license."
"There is a yearly subscription for the solution."
"ManageEngine EventLog Analyzer is expensive. Its licensing costs are annual."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
10%
Financial Services Firm
9%
Government
6%
Computer Software Company
10%
Comms Service Provider
8%
Financial Services Firm
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise5
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise7
Large Enterprise3
 

Questions from the Community

What is your experience regarding pricing and costs for Cortex XSIAM?
I did not participate in pricing discussions for Cortex XSIAM solutions, so I cannot provide a review regarding prices for this solution.
What needs improvement with Cortex XSIAM?
The firewall side can make some improvements. I know the firewall on Cortex XSIAM is based on Windows. From what I have experienced so far, I have seen that the policies you can create are actually...
What needs improvement with ManageEngine EventLog Analyzer?
Last month, we faced an issue with a Hawaiian VPN user activity. It's like a Fortinet device configured for VPN users. When a VPN user logs in, it doesn't really capture the time before this. If yo...
What is your primary use case for ManageEngine EventLog Analyzer?
I find this solution useful for IT devices as a live stream to work with Syshun, serving as both the router and the target. All activities are logged, and they can be accessed within one console. T...
 

Also Known As

No data available
EventLog Analyzer
 

Overview

 

Sample Customers

Information Not Available
Moody National Bank, EnCircle, Goldleaf Financial Solutions, Inc, IBM, Ernst & Young, Micro Linear, Silverbeck-Rymer Solicitors, Provincial Court of British Columbia, Eleventh Judicial Circuit of Florida, OGILVY & MATHER, E! Entertainment, Tribune-Review Publishing Co.
Find out what your peers are saying about Cortex XSIAM vs. ManageEngine EventLog Analyzer and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.