ManageEngine EventLog Analyzer vs i-SIEM Comparison 2024

Sponsored

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews

31,886 views|17,713 comparisons

i-SIEM

Read 1 i-SIEM review

625 views|473 comparisons

ManageEngine EventLog Analyzer

Read 10 ManageEngine EventLog Analyzer reviews

2,509 views|1,609 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Security Information and Event Management (SIEM)

April 2024

Executive Summary

We performed a comparison between i-SIEM and ManageEngine EventLog Analyzer based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM).

To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2024).

Download the complete report

769,662 professionals have used our research since 2012.

Featured Review

Nagendra Nekkala

Senior Manager ICT & Innovations at Bangalore International Airport Limited

Provides a unified set of tools to detect, investigate, and respond to incidents and enables proactive threat hunting

We use the tool because we want a solution that can quickly analyze large volumes of data across the enterprise. Microsoft Sentinel is a one-stop... Read more →

Dannie Combs

Senior Vice President and Chief Information Security Officer at Donnelley Financial Solutions

The alert fatigue and false positive rates have just plummeted, which is really exciting.

We have a significantly higher confidence in our ability to automate mitigations. We've had technologies across SOAR and cyber threat intelligence... Read more →

Anonymous User

Manager at a comms service provider

Easy to use with good monitoring and management

I used the solution alongside others to run some tests for a client, and they decided which solution they wanted to use.

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"We are able to deploy within half an hour and we only require one person to complete the implementation.""The product can integrate with any device.""Log aggregation and data connectors are the most valuable features.""It's pretty powerful and its performance is pretty good.""The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user.""The features that stand out are the detection engine and its integration with multiple data sources.""Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents.""Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."

More Microsoft Sentinel Pros →

"As a result of the automation, we are able to manage SIEM with a small security team. I'm in a unique position where we have been growing the security organization quite rapidly over the last three and a half years. But, as a direct result of the empow transition and legacy collection of tools towards the empow platform, we've been able to keep that head count flat. We've been able to redirect a lot of the security team's time away from the wash, rinse, repeat activities of responding to alarms where we have a high degree of confidence that they will be false positives, adjusting the rules accordingly. This can be a bit frustrating for the analyst when they have to spend hours a day dealing with these types of probable false positives. So, it has helped not only us keep our headcount flat relative to the resources necessary to provide the assurances that our executives expect of us for monitoring, but allows our analyst team to spend the majority of their time doing what they love. They are spending their time meaningfully with a higher degree of confidence and enjoying getting into the incident response type activity."

More i-SIEM Pros →

"The tool's reports show activities.""It is stable.""The initial setup is straightforward""The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration.""The user interface is very good.""It's one of the easiest products. It's very simple to use.""The log management has helped to improve my organization.""I have made use of technical support and am certainly very satisfied with them."

More ManageEngine EventLog Analyzer Pros →

Cons

"The solution should allow for a streamlined CI/CD procedure.""I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them.""If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details.""Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc.""It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools.""There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds.""We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed.""The product can be improved by reducing the cost to use AI machine learning."

More Microsoft Sentinel Cons →

"Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus."

More i-SIEM Cons →

"I would like to see more detailed reports.""There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple.""It may not be as easy to use as Splunk.""The customization of reports could be a lot easier. It is not difficult but it could be made easier.""The solution should improve on its log capturing capabilities.""The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability.""Support could improve to make the solution better.""The scalability is limited."

More ManageEngine EventLog Analyzer Cons →

Pricing and Cost Advice

"It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."

"It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"

"Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."

"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."

"It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."

"I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."

"Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."

"Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

More Microsoft Sentinel Pricing and Cost Advice →

"With a higher degree of fidelity in the alarms, we were able to avoid adding additional resources to our teams. We take into account the cost of security resources in the market and the significantly higher fidelity from the alarms that are being generated. This drove down our costs with our MSSP. It drove down my cost for human capital internally. It drove down our need to have multiple resources supporting the underlying infrastructure and health and maintenance of empow as a platform from several resources down to one. Therefore, human capital costs were significantly reduced. Our operating expenses were significantly reduced. Our capital costs were significantly reduced while tripling our capacity and our run rate reduced. It was almost a "too good to be true" situation. Fortunately, for us, it worked out very nicely."

"I don't have to put up with any longer with these hypercomplex licensing agreements. Every time I want to add some additional reporting as a compliance centric or regulatory specific, e.g., GDPR, PCI, or Sarbanes-Oxley, many providers would have an additional license for this, which felt a bit ridiculous to me. With the simplified licensing architecture, there were no hidden "gotchas" down the road with empow. Something I have experienced with other providers that I've worked with in the past."

More i-SIEM Pricing and Cost Advice →

"There is a license required for these solutions. The customer can choose the license type, such as an annual license purchase or a perpetual license. If the customer wants maintenance they will have to pay annually."

"There is a yearly subscription for the solution."

"ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license."

"Licensing for ManageEngine EventLog Analyzer is paid yearly."

"We paid for the license of the solution and the deployment. The price of ManageEngine EventLog Analyzer is less expensive than other solutions."

"ManageEngine EventLog Analyzer is expensive. Its licensing costs are annual."

More ManageEngine EventLog Analyzer Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See Recommendations

769,662 professionals have used our research since 2012.

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threa...

Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »

Read all 10 answers →

What is a better choice, Splunk or Azure Sentinel?

Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »

Which is better - Azure Sentinel or AWS Security Hub?

Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »

Read all 2 answers →

Ask a question

Earn 20 points

What do you like most about ManageEngine EventLog Analyzer?

Top Answer:The tool's reports show activities.

Read all 10 answers →

What needs improvement with ManageEngine EventLog Analyzer?

Top Answer:I would like to see more detailed reports.

Read all 9 answers →

What is your primary use case for ManageEngine EventLog Analyzer?

Top Answer:We use ManageEngine EventLog Analyzer for remote logging.

Read all 9 answers →

Comparisons

AWS Security Hub vs. Microsoft Sentinel

Compared 17% of the time.

IBM Security QRadar vs. Microsoft Sentinel

Compared 12% of the time.

Splunk Enterprise Security vs. Microsoft Sentinel

Compared 6% of the time.

Microsoft Defender for Cloud vs. Microsoft Sentinel

Compared 6% of the time.

Elastic Security vs. Microsoft Sentinel

Compared 5% of the time.

More Microsoft Sentinel Competitors →

Splunk Enterprise Security vs. i-SIEM

Compared 38% of the time.

AlienVault OSSIM vs. i-SIEM

Compared 23% of the time.

IBM Watson for Cyber Security vs. i-SIEM

Compared 19% of the time.

AWS Security Hub vs. i-SIEM

Compared 19% of the time.

More i-SIEM Competitors →

ManageEngine Log360 vs. ManageEngine EventLog Analyzer

Compared 33% of the time.

Fortinet FortiAnalyzer vs. ManageEngine EventLog Analyzer

Compared 12% of the time.

Wazuh vs. ManageEngine EventLog Analyzer

Compared 11% of the time.

SolarWinds Kiwi Syslog Server vs. ManageEngine EventLog Analyzer

Compared 8% of the time.

Splunk Enterprise Security vs. ManageEngine EventLog Analyzer

Compared 3% of the time.

More ManageEngine EventLog Analyzer Competitors →

Also Known As

Azure Sentinel

EventLog Analyzer

Learn More

Microsoft

empow

ManageEngine

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

If you had to invent the perfect SIEM from scratch it would combine a rules-free engine and a voluminous and continually updated database of threats. Well, the dream SIEM is here today. empow uses its proprietary AI and natural language processing to read the minds of attackers and determine the intent of each kernel of IP data.

This power is now integrated with Elastic’s database and search capabilities. Think of it as an integrated “i-SIEM empowered by Elastic" - bringing enterprises a single place to manage all of their IT and data security functions. It’s a scalable data lake solution, with empow’s SIEM serving as an active infrastructure brain that detects, confirms and prevents attacks before they do harm.

Your organizations IT infrastructure generate huge amount of logs every day and these machine generated logs have vital information that can provide powerful insights and network security intelligence into user behaviors, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, etc. However, the task of analyzing these event logs and syslogs without automated log analyzer tools can be both time-consuming and painful if done manually.

EventLog Analyzer provides the most cost-effective Security Information and Event Management (SIEM) software on the market. Using this Log Analyzer software, organizations can automate the entire process of managing terabytes of machine generated logs by collecting, analyzing, correlating, searching, reporting, and archiving from one central location. This event log analyzer software helps to monitor file integrity, conduct log forensics analysis, monitor privileged users and comply to different compliance regulatory bodies by intelligently analyzing your logs and instantly generating a variety of reports like user activity reports, historical trend reports, and more.

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

University of Oklahoma, Donnelley

Moody National Bank, EnCircle, Goldleaf Financial Solutions, Inc, IBM, Ernst & Young, Micro Linear, Silverbeck-Rymer Solicitors, Provincial Court of British Columbia, Eleventh Judicial Circuit of Florida, OGILVY & MATHER, E! Entertainment, Tribune-Review Publishing Co.

Top Industries

REVIEWERS

Financial Services Firm22%

Computer Software Company11%

Manufacturing Company8%

Comms Service Provider8%

VISITORS READING REVIEWS

Computer Software Company16%

Financial Services Firm10%

Government9%

Manufacturing Company7%

VISITORS READING REVIEWS

Computer Software Company20%

Healthcare Company13%

Financial Services Firm11%

Real Estate/Law Firm9%

REVIEWERS

Government25%

Insurance Company25%

Computer Software Company13%

Manufacturing Company13%

VISITORS READING REVIEWS

Computer Software Company21%

Manufacturing Company8%

Government7%

Financial Services Firm7%

Company Size

REVIEWERS

Small Business33%

Midsize Enterprise21%

Large Enterprise47%

VISITORS READING REVIEWS

Small Business25%

Midsize Enterprise16%

Large Enterprise59%

VISITORS READING REVIEWS

Small Business33%

Midsize Enterprise15%

Large Enterprise53%

REVIEWERS

Small Business33%

Midsize Enterprise50%

Large Enterprise17%

VISITORS READING REVIEWS

Small Business32%

Midsize Enterprise19%

Large Enterprise49%

Buyer's Guide

Security Information and Event Management (SIEM)

April 2024

Download Free Report

Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.

DOWNLOAD NOW

769,662 professionals have used our research since 2012.

i-SIEM is ranked 44th in Security Information and Event Management (SIEM) while ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 10 reviews. i-SIEM is rated 9.0, while ManageEngine EventLog Analyzer is rated 7.8. The top reviewer of i-SIEM writes "The alert fatigue and false positive rates have just plummeted, which is really exciting". On the other hand, the top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". i-SIEM is most compared with Splunk Enterprise Security, AlienVault OSSIM, IBM Watson for Cyber Security and AWS Security Hub, whereas ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and Splunk Enterprise Security.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

ManageEngine EventLog Analyzer vs i-SIEM comparison