We performed a comparison between IBM Security QRadar and ManageEngine Log360 based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"It has basic out-of-the-box integrations with multiple log sources."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The pricing of the product is excellent."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The features that stand out are the detection engine and its integration with multiple data sources."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"Search capabilities are sufficient for most tasks."
"We can easily monitor many things using this tool."
"It also has a graph that shows the traffic history. I can see what happened yesterday or today. If there's an incident, I can check the traffic behavior on QRadar."
"Integration is very easy and the reporting is good."
"Integrations are quite a useful and key feature of this solution. It has integration with the CVSS score, which is a central point for all the data and scores about the threats. There is an IBM Bluemix dashboard that is integrated with the CVSS score."
"I like the graphical interface. It's so good and easy."
"We run 65 servers globally with just two people: an engineering person and me."
"It protect us from multiple authentication values, unauthorized access and antivirus threats."
"It is nice to be able to monitor and to have notifications."
"We haven't had any stability issues."
"The solution could be improved by including XDR, remediation and Sandbox."
"ManageEngine Log360 is not difficult to deploy."
"The product is very user-friendly."
"The deployment is quite simple and pretty straightforward."
"The reports that you can run are really nice."
"The reporting is great. Everything you need is in the report for you already."
"The AI capabilities must be improved."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"The solution lacks vendor support."
"The AQL queries could be better."
"Needs better visualization options beyond the time series charts and a few other options that they have."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
"It would be better if it were more stable and more secure. The price for maintenance could be better. It's too high. In the next release, I think they should focus on the price and the operation."
"I need a solution which will send alerts in the event of any behavior."
"It is not app based."
"IBM is going through some problems with its resources currently making its support response time slow."
"Their technical support should be improved."
"It takes a little bit of time for Log360 to actually learn your environment."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"The matter of the data retention needs to be addressed."
"The solution lacks some features when compared to other products."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"It is not expensive compared to other solutions."
"The integration with SharePoint and Teams should be improved."
IBM Security QRadar is ranked 6th in Log Management with 198 reviews while ManageEngine Log360 is ranked 25th in Log Management with 15 reviews. IBM Security QRadar is rated 8.0, while ManageEngine Log360 is rated 7.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Fortinet FortiSIEM, whereas ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security and Fortinet FortiSIEM. See our IBM Security QRadar vs. ManageEngine Log360 report.
See our list of best Log Management vendors, best Security Information and Event Management (SIEM) vendors, and best User Entity Behavior Analytics (UEBA) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.