Fortinet FortiAnalyzer vs vRealize Log Insight comparison

Comparison Buyer's Guide
Executive Summary

We performed a comparison between Fortinet FortiAnalyzer and vRealize Log Insight based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.

To learn more, read our detailed Fortinet FortiAnalyzer vs. vRealize Log Insight report (Updated: September 2022).
634,590 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
  • "The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, what you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."
  • "In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
  • "The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."
  • "Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
  • "The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."
  • "The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
  • "The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
  • "The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events."

More Devo Pros →

  • "The initial setup is straightforward."
  • "The report templates are valuable. It works very well, and integrations also work well."
  • "We have the most data visibility."
  • "The features that our customers have found most valuable are their different type of reports including the drill down report, as well as the flexibility to connect to any number of appliances which can be connected to it centrally."
  • "This solution offers one view of incident management which has been the most valuable feature."
  • "There are customizable workflows that you can work with. You can automate certain tasks in FortiAnalyzer in the incidents and events sections."
  • "FortiAnalyzer has a robust ability to find a compromised host on your network, and when you identify a compromised host, you can address it."
  • "Overall we are satisfied with all the features the solution provides."

More Fortinet FortiAnalyzer Pros →

  • "vRealize Log Insight has been running without any issues."
  • "One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."
  • "It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."

More vRealize Log Insight Pros →

Cons
  • "From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
  • "Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
  • "The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
  • "The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."
  • "One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
  • "We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
  • "There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."
  • "Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."

More Devo Cons →

  • "We should be able to do the patch upgrades in a centralized manner. This functionality is currently not there. It would be good to be able to do the firmware updates from one place and at the same time. Currently, if we want to update all appliances, we require FortiManager, which is another solution from Fortinet. Its documentation can be improved. It will be helpful for implementing the product and gaining knowledge for management purposes."
  • "One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives."
  • "Though FortiAnalyzer has improved over the last few versions, the user interface still has room for improvement. It's a bit dated-looking."
  • "In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."
  • "The traffic monitoring could be better, and stability could be improved."
  • "If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud."
  • "The user interface could be a bit more user-friendly."
  • "The solution should include the ability to customize reports so that customers receive greater value and high level reporting."

More Fortinet FortiAnalyzer Cons →

  • "Paid or free does not matter, but it is complex to find good training material for vRealize Log Insight."
  • "What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
  • "I would like to see more tutorials or at least an introduction video from the supplier, so you can become proficient and get the most out of the solution. You might not get the full benefit from a logging or reporting solution because you might not have a particular tool enabled. You could leave something out of your analysis because you aren't aware of it or you don't know how to set it up."

More vRealize Log Insight Cons →

Pricing and Cost Advice
  • "I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
  • "Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
  • "[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
  • "Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
  • "Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
  • "Our licensing fees are billed annually and per terabyte."
  • "I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
  • "Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
  • More Devo Pricing and Cost Advice →

  • "Its price is okay for us. Fortinet products are cheaper than other solutions."
  • "When you compare with other firewall vendors, FortiAnalyzer is quite competitive in pricing."
  • "In the local market sometimes people are being charged more than other solutions. Although the market is competitive, legitimate suppliers do not receive a large enough discount to pass onto the customers."
  • "I believe that these devices were procured with a five-year maintenance and support license up front. I work at a university, so the vendor provides a considerable higher ed discount."
  • "We found the price of Fortinet FortiAnalyzer to be reasonable."
  • "It is acceptable for on-premises, but it is expensive for the cloud."
  • "FortiAnalyzer was in the product itself, but two years ago they split it from Fortinet. We paid the license two years ago."
  • "The enterprise version of this solution is costly. We have considered FortiAuthenticator for network control, but the pricing was focused on the larger companies and didn't suit our needs as a smaller business."
  • More Fortinet FortiAnalyzer Pricing and Cost Advice →

  • "Pricing is good because it is part of the suite package. It comes in a bundle for us."
  • "The licensing cost for vRealize Log Insight is a little higher, so in terms of cost, it all depends upon what kind of environment you have. If you have a complete virtualized environment, or at least you're using a ninety-five percent virtualized environment, then vRealize Log Insight will play a very good role because it is a VMware component, so it has very tight integration with other VMware components and systems. This means you don't have to procure any other monitoring and management tool, and you don't need a separate automation tool. vRealize Log Insight will have an upper hand if your environment is purely virtualized on VMware. If you're using a mix of physical and virtual components, for example, a 50:50 ratio, then you need to have a third-party component to manage overall monitoring."
  • More vRealize Log Insight Pricing and Cost Advice →

    Questions from the Community
    Top Answer: Devo, like other vendors, doesn't charge extra for playbooks and automation. That way, you are only paying for the side… more »
    Top Answer: I need more empowerment in reporting. For example, when I'm using Qlik or Power BI in terms of reporting for the… more »
    Top Answer: I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the… more »
    Top Answer: When you compare with other firewall vendors, FortiAnalyzer is quite competitive in pricing. They are very aggressive as… more »
    Top Answer: One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs… more »
    Top Answer: The setup and installation are very easy.
    Top Answer: Log Insight does not cost much when compared to Splunk. The license cost for Splunk or any other monitoring tool is too… more »
    Top Answer: I think there are a lot of areas where the product could be improved. To start with I would like the capability to do… more »
    Overview

    Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

    Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.

    Fortinet FortiAnalyzer Features

    Fortinet FortiAnalyzer has many valuable key features. Some of the most useful ones include:

    • Advanced threat detection capabilities
    • Centralized security analytics
    • End-to-end security posture awareness
    • Integration with FortiGate NGFWs, FortiClient, FortiSandbox, FortiWeb, and FortiMail
    • Incident detection and response
    • Playbook automation
    • Event management
    • Security services
    • Analytics and reporting

    Fortinet FortiAnalyzer Benefits

    There are many benefits to implementing Fortinet FortiAnalyzer. Some of the biggest advantages the solution offers include:

    • Flexible deployment options
    • Enterprise-grade high availability
    • Security automation to reduce complexity, leveraging REST API, scripts, connectors, and automation stitches
    • Multi-tenancy solution with quota management, leveraging ADOMs to separate customer data and manage domains for operational effectiveness and compliance

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Fortinet FortiAnalyzer solution.

    PeerSpot user Imad A., Group IT Manager at a manufacturing company, says, “You can monitor all appliances from a centralized location. You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs. The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.” He goes on to add, “There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template. There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns. Everything is easily visible and can be tracked and studied.”

    Luis G., Systems Architect at Zentius, mentions, “Log collection is the most valuable [feature]. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.”

    Rupsan S., Technical Presales Engineer at Dristi Tech Pvt.ltd., comments, "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."

    Dilip S., Regional Head at Mass Infonet (P) Ltd., explains, “With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer. The solution is very complete. The product is very simple to use. It's regularly updated with many versions constantly adding more content and information. The solution has sandboxing, IPS, and DPS as well. The solution allows for a lot of customization.”

    vRealize Log Insight is a highly scalable intelligent log management solution for applications and infrastructure in any environment. The machine learning solution delivers an actionable and intuitive dashboard, advanced analysis, and comprehensive third-party extensibility across cloud, virtual and physical environments. This enables searching for quicker troubleshooting across the users’ environment, as well as assisting in monitoring and managing machine data at scale through analyzing immense quantities of log data.

    vRealize Log Insight offers real-time monitoring search and logs analytics with a dashboard for stored queries, reports, and alerts. The solution can build an index for performing analytics by automatically identifying structures in any machine-generated log data, such as network traces, performance data, application logs, messages, system state dumps, configuration files, and more. In addition, the solution accelerates the correlation of events throughout the whole IT environment.

    vRealize Log Insight Web Interface

    Organizations can utilize a centralized log management solution to manage data at scale, as well as have comprehensive visibility across their environment and intelligent analytics for troubleshooting. The solution's web interface consists of:

    • The Interactive Analytics Tab - Users can search and filter log events and create queries to extract based on source, text, timestamp, and fields in log events.
    • The Administration Tab - Selected administrators can configure archiving and storage location, control user accounts, and customize an outgoing SMTP server to receive alerts for email notifications.
    • The Dashboards Tab - Through a customizable dashboard, users can access information with a custom set of widgets and view graphs of log events in their environment.
    • The Content Packs Tab - Access content packs, which consist of saved queries, extracted fields, alerts related to a particular product, and dashboards.
    • The Cloud Tab - Log management services can be assisted when users subscribe to vRealize Log Insight Cloud. All users can access the Cloud tab and retain and retrieve them when needed.
    • The Log Sources Tab - Instructions can be found to configure numerous log sources such as Docker, Kubernetes, Fluentd, and more.
    • The Alerts Tab - Customize permissions with the Alerts tab and view, search for, and manage all alerts. Then, depending on user access permission, edit and receive full access to manage all alerts.

    Reviews From Real Users

    vRealize Log Insight has become a solution of choice for users looking for a centralized log management solution with unified log visibility created for DevOps.

    A PeerSpot user who is a systems operations manager at a healthcare company writes, "It is very scalable and can handle a large workload."

    Sample Customers
    United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
    General Directorate of Information Technology
    Wildlands Adventure Zoo, Medic Mobile, IBM, Seventy Seven Energy, Baystate Health, Osis, Oxford University, Columbia University, Siemens, Cardinal Health, Ashdod Port, Vasakronan, Sydney Adventist Hospital, University of Derby
    Top Industries
    REVIEWERS
    Computer Software Company: 63%
    Comms Service Provider: 13%
    Retailer: 13%
    Insurance Company: 13%
    VISITORS READING REVIEWS
    Computer Software Company: 22%
    Comms Service Provider: 14%
    Financial Services Firm: 9%
    Government: 9%
    REVIEWERS
    Comms Service Provider: 27%
    Financial Services Firm: 12%
    Real Estate/Law Firm: 8%
    Healthcare Company: 8%
    VISITORS READING REVIEWS
    Comms Service Provider: 25%
    Computer Software Company: 22%
    Government: 8%
    Educational Organization: 4%
    VISITORS READING REVIEWS
    Computer Software Company: 19%
    Government: 12%
    Comms Service Provider: 12%
    Financial Services Firm: 10%
    Company Size
    REVIEWERS
    Small Business: 24%
    Midsize Enterprise: 18%
    Large Enterprise: 59%
    VISITORS READING REVIEWS
    Small Business: 22%
    Midsize Enterprise: 16%
    Large Enterprise: 62%
    REVIEWERS
    Small Business: 50%
    Midsize Enterprise: 23%
    Large Enterprise: 27%
    VISITORS READING REVIEWS
    Small Business: 27%
    Midsize Enterprise: 20%
    Large Enterprise: 52%
    REVIEWERS
    Small Business: 27%
    Midsize Enterprise: 47%
    Large Enterprise: 27%
    VISITORS READING REVIEWS
    Small Business: 17%
    Midsize Enterprise: 15%
    Large Enterprise: 68%

    Fortinet FortiAnalyzer is ranked 9th in Log Management with 31 reviews while vRealize Log Insight is ranked 15th in Log Management with 3 reviews. Fortinet FortiAnalyzer is rated 8.2, while vRealize Log Insight is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "It creates a central point of management and control, giving you real-time insight into what is going on." On the other hand, the top reviewer of vRealize Log Insight writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk, Graylog, Elastic Security and ManageEngine EventLog Analyzer, whereas vRealize Log Insight is most compared with Splunk, Elastic Security, IBM QRadar, Graylog and LogRhythm NextGen SIEM. See our Fortinet FortiAnalyzer vs. vRealize Log Insight report.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.