We performed a comparison between Fortinet FortiSIEM and ManageEngine EventLog Analyzer based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The machine learning and artificial intelligence on offer are great."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"It's a very nice solution to work with."
"FortiSIEM is a great tool for making security processes transparent."
"To add workers and even collectors is pretty easy."
"Fortinet FortiSIEM provides good detection against advanced threats."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"I have made use of technical support and am certainly very satisfied with them."
"The log management has helped to improve my organization."
"It's one of the easiest products. It's very simple to use."
"It is stable."
"The tool's reports show activities."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"The user interface is very good."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"FortiSIEM is not a market leader in the SIEM space."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"The stability of the product is an area of concern where improvements are required."
"Patching is not great - we're not getting the support we'd expect."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"The backup and recovery process for this solution needs improvement."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"I would like to see more detailed reports."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"The scalability is limited."
"The first tier of customer service and support is not great."
"It may not be as easy to use as Splunk."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"The solution should improve on its log capturing capabilities."
More ManageEngine EventLog Analyzer Pricing and Cost Advice →
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 10 reviews. Fortinet FortiSIEM is rated 7.6, while ManageEngine EventLog Analyzer is rated 7.8. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and Meraki Dashboard, whereas ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and SolarWinds Log Analyzer. See our Fortinet FortiSIEM vs. ManageEngine EventLog Analyzer report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.