We performed a comparison between Elastic Security and ManageEngine Log360 based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"It has a lot of great features."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Elastic Security is very easy to adapt."
"The visualization is very good."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"It's open-source and free to use."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"Elastic is straightforward, easy to integrate, and highly customizable."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"The solution could be improved by including XDR, remediation and Sandbox."
"The Sharecon feature is the most valuable."
"The reports that you can run are really nice."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"We haven't had any stability issues."
"The reporting is great. Everything you need is in the report for you already."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"I would like to see more AI used in processes."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"Their visuals and graphs need to be better."
"Sometimes, the solution isn't the easiest to use."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"The solution needs to improve hub storage. It should integrate AI and ML capabilities."
"It is not expensive compared to other solutions."
"The matter of the data retention needs to be addressed."
"We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot."
"It takes a little bit of time for Log360 to actually learn your environment."
"The integration with SharePoint and Teams should be improved."
"Their technical support should be improved."
"The support needs improvement."
Elastic Security is ranked 5th in Log Management with 58 reviews while ManageEngine Log360 is ranked 25th in Log Management with 15 reviews. Elastic Security is rated 7.6, while ManageEngine Log360 is rated 7.2. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender for Endpoint and CrowdStrike Falcon, whereas ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and LogRhythm SIEM. See our Elastic Security vs. ManageEngine Log360 report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
