We performed a comparison between ManageEngine EventLog Analyzer and RSA enVision based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."Sentinel pricing is good"
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"The connectivity and analytics are great."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"It is stable."
"I have made use of technical support and am certainly very satisfied with them."
"The initial setup is straightforward"
"The tool's reports show activities."
"The log management has helped to improve my organization."
"It's one of the easiest products. It's very simple to use."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"The most valuable feature of this solution is the reporting."
"The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."
"The most valuable feature is the management features. It's capable of managing large enterprises."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"It may not be as easy to use as Splunk."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"The scalability is limited."
"The first tier of customer service and support is not great."
"The solution should improve on its log capturing capabilities."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"RSA enVision log manager is out of date and is not in use anymore."
"The integration could be easier, it should support more products."
"In general, the solution currently isn't user-friendly."
More ManageEngine EventLog Analyzer Pricing and Cost Advice →
ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 10 reviews while RSA enVision is ranked 36th in Security Information and Event Management (SIEM) with 5 reviews. ManageEngine EventLog Analyzer is rated 7.8, while RSA enVision is rated 6.8. The top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". On the other hand, the top reviewer of RSA enVision writes "Though the solution offers good technical support, it needs to be made more user-friendly ". ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and SolarWinds Log Analyzer, whereas RSA enVision is most compared with NetWitness Platform, Splunk Enterprise Security and IBM Security QRadar.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.