We performed a comparison between ManageEngine EventLog Analyzer and Splunk based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"The user interface is very good."
"The initial setup is straightforward"
"I have made use of technical support and am certainly very satisfied with them."
"It is stable."
"The connections to the database are very good and updating the data files is simple to do. The dashboards are useful and user-friendly."
"The solution allows easy gathering and ingestion of the data."
"It has quite extensive support in terms of integration. If you want to do anything, there are tools for that."
"The product is good, it satisfies our customers."
"The feature that I have found most valuable with Splunk is the ability to sift through a bunch of data very quickly."
"We have found all the features useful. However, the dashboarding and logging have been very helpful. Additionally, the log analysis does a great job."
"The most valuable features in Splunk are the search function and the ability to run selected session reports. The session reports are important because I can use them to see what is going on in our environment weekly. Additionally, we can use the graph to see how often that particular event is happening."
"The log aggregation is great."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."
"I would like to have the ability to create more complex dashboards."
"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."
"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."
"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."
"There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"The solution should improve on its log capturing capabilities."
"The scalability is limited."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"The first tier of customer service and support is not great."
"There can be a bit of complexity around some fields during the initial setup."
"Splunk could be improved by reducing the cost. The cost is one of the biggest challenges for us in keeping to our production requirements."
"Its user interface for everything other than the charts can be improved. Some parts of it can be simplified a bit, such as when importing documents that have the network traffic. When you're going through the information about the network traffic, you have to have the expertise, but even if a program is supposed to be for IT support, it is good to make it user-friendly because it gets easier to train people. When something goes wrong, the more difficult a program is in terms of UI, the harder it is to fix the issue."
"I would like Splunk to add more integration. QRadar has many indications with more products than Splunk."
"It needs integration with a configuration management solution."
"The product is relatively expensive."
"I feel the solution to be too slow."
"You do need a lot of training and certification with this product."
More ManageEngine EventLog Analyzer Pricing and Cost Advice →
See how Devo allows you to free yourself from data management, and make machine data and insights accessible.
ManageEngine EventLog Analyzer is ranked 16th in Log Management with 6 reviews while Splunk is ranked 1st in Log Management with 63 reviews. ManageEngine EventLog Analyzer is rated 7.6, while Splunk is rated 8.2. The top reviewer of ManageEngine EventLog Analyzer writes "Easy to adopt and easy to learn but doesn't expand very well". On the other hand, the top reviewer of Splunk writes "Very versatile for many use cases". ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, SolarWinds Kiwi Syslog Server, Fortinet FortiAnalyzer, Wazuh and SolarWinds Security Event Manager , whereas Splunk is most compared with Microsoft Sentinel, Elastic Security, Wazuh, Azure Monitor and AppDynamics. See our ManageEngine EventLog Analyzer vs. Splunk report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
