No more typing reviews! Try our Samantha, our new voice AI agent.

Microsoft Sentinel vs NNT Log Tracker Enterprise comparison

Microsoft and Netwrix are both solutions in the Security Information and Event Management (SIEM) category. Microsoft is ranked #4 with an average rating of 8.4, while Netwrix is ranked #59. Microsoft holds a 4.6% mindshare in SIEM, compared to Netwrix’s 0.7% mindshare. Additionally, 93% of Microsoft users are willing to recommend the solution, compared to 100% of Netwrix users who would recommend it.
Microsoft Sentinel
Read 107 Microsoft Sentinel reviews
  • 16,593 Views
  • 9,292 Comparison Views
93% willing to recommend
NNT Log Tracker Enterprise
Read 4 NNT Log Tracker Enterprise reviews
  • 1,133 Views
  • 827 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NNT Log Tracker Enterprise and Microsoft Sentinel compete in the security solutions category. Microsoft Sentinel appears to have an upper hand due to its features and ease of deployment, while NNT Log Tracker Enterprise stands out in support and pricing.

Features: NNT Log Tracker Enterprise offers robust security controls, flexible reporting, and efficient system monitoring. Microsoft Sentinel provides comprehensive integration capabilities, advanced threat detection, and extensive analytics.

Room for Improvement: NNT Log Tracker Enterprise requires a more intuitive setup process, enhanced scalability, and better support for larger data volumes. Microsoft Sentinel needs improvements in documentation, enhanced user training, and more streamlined initial setup.

Ease of Deployment and Customer Service: NNT Log Tracker Enterprise is relatively straightforward to deploy with commendable customer service. Microsoft Sentinel, while more complex in deployment, benefits from Microsoft's extensive support network and resources.

Pricing and ROI: NNT Log Tracker Enterprise is cost-effective, providing a quicker return on investment. Microsoft Sentinel, though pricier, offers value through its features and integrations. NNT Log Tracker Enterprise is seen as better suited for budget-conscious organizations.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Sentinel vs. NNT Log Tracker Enterprise Report (Updated: March 2026).
Buyer's Guide
Microsoft Sentinel vs. NNT Log Tracker Enterprise
March 2026
Download the complete report
Helped 885,376 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Sentinel
Ranking in Security Information and Event Management (SIEM)
4th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
107
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (6th), AI-Powered Cybersecurity Platforms (5th)
NNT Log Tracker Enterprise
Ranking in Security Information and Event Management (SIEM)
59th
Average Rating
8.2
Number of Reviews
4
Ranking in other categories
Log Management (56th)
 

Mindshare comparison

As of March 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 4.6%, down from 7.5% compared to the previous year. The mindshare of NNT Log Tracker Enterprise is 0.7%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Microsoft Sentinel4.6%
NNT Log Tracker Enterprise0.7%
Other94.7%
Security Information and Event Management (SIEM)
 

Featured Reviews

Kallamuddin Ansari - PeerSpot reviewer
Kallamuddin Ansari
Cyber Security Consultant at ProTechmanize
Centralized monitoring has improved threat response but cost control still needs refinement
Based on real operations used in our corporate IT environment, the key features include log correlation and incident view. Microsoft Sentinel's biggest strength is how it correlates multiple related alerts into a single incident. This significantly reduces alert noise and helps the SOC focus on real threats instead of isolated events. Another valuable feature is KQL-based threat hunting with Kusto Query Language. The flexibility of this language allows us to build custom hunting queries based on our environment's behavior. This is extremely useful for detecting low and slow threats or hidden threats that default rules may miss. Cloud-native scalability and stability is another important feature. Being cloud-native, Microsoft Sentinel scales well for medium to large corporate environments without infrastructure management. Stability has been solid in day-to-day production. SOAR automation using playbooks is a feature we highly recommend. Microsoft Sentinel's SOAR functionality helps automate repetitive SOC tasks like alert enrichment and notification. This saves analyst time and improves response consistency.
Read full review
JT
Jagganath Tendle
Senior Infra Manager at a tech vendor with 10,001+ employees
Great for PCI compliance but issues with stability and large amounts of data
I mainly use this solution to meet PCI compliance The automation of compliance reports and the correlation of the log have been major improvements.  The most valuable feature is the predefined reports for PCI compliance. The correlation suite needs to be improved. I also think they need to…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Sentinel lets us investigate threats and comprehensively respond from one console."
"It has a lot of great features."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The main benefit is the ease of integration."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
More Microsoft Sentinel pros
"The Change Tracker tool is very good and will reduce your overall workload."
"The automation of compliance reports and the correlation of the log have been major improvements."
"If you want to deploy a SIEM and you want it to be simple, and not deal with much maintenance or help from the OEM, then I would say that NNT is the one."
"This is a very easy-to-use interface with a quick ramp-up time."
"The most valuable feature is the predefined reports for PCI compliance."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"File integrity monitoring is a very important function."
"Customer Service: The service we've seen from NNT to date has been extraordinarily good."
 

Cons

"Microsoft Sentinel is definitely costly. If we factor in the cost of other services, MCAS, MDI, and Microsoft Defender for Cloud, it gets seriously costly, to the extent that we cannot enable it across the organization."
"Our SIEM is only as good as the information we are ingesting. We are all human and we forget to ingest things."
"I think any feature which can further help streamline the different security products Microsoft offers would be beneficial."
"There is room for improvement in terms of integrations. We have some tools, such as our off-site Meraki firewalls, that have not fully integrated with Sentinel. We lack integration for Syslogs into Sentinel."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"We have experienced some performance problems in the UK and, when we transferred to a different region, we lost some of our workspaces, which was shocking; if Microsoft needs to failover to another region, the customer should be informed because it affects many things."
More Microsoft Sentinel cons
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
"There are some issues with the stability - the correlation engine has failed multiple times, and the reports sometimes take too long, so we have to involve the tech team to get them."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"The correlation suite needs to be improved."
"For the NNT Log Tracker and Change Tracker, they have to make their knowledge base available online because there is very little information available on the internet."
 

Pricing and Cost Advice

"The price is reasonable because Sentinel includes features like user behavior analytics and SOAR that are typically sold separately. Overall, a standalone on-prem solution would require some high-end servers, and there's a different cost. It is a cloud-based solution, so there are backend cloud computing costs, but they are negligible."
"It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
"Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
"Sentinel is costly."
"Sentinel's price is comparable to pretty much everything out there. None of it is cheap, but we didn't think we could save money by going a different route. Sentinel was part of our Azure expenditures, so it was easier to add the expense instead of having a completely separate vendor."
"Microsoft Sentinel is pretty expensive, and they recently announced that they will increase the price of all Microsoft services running in Azure by 11 percent. Luckily, I'm not responsible for the financial side. For one of my clients, the estimated cost is 880,000 euros for one year. There are additional costs for the service agreement."
"It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
"Microsoft Sentinel's pricing is relatively expensive and extremely confusing."
More Microsoft Sentinel pricing and cost advice
"We have selected a perpetual license along with support."
"Consider both their on-premises solution and their hosted solution. Both are reasonably priced."
"NNT's pricing is moderate - I would rate their pricing two-and-a-half out of ten."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
885,376 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
10%
Manufacturing Company
9%
Government
8%
Construction Company
23%
Manufacturing Company
10%
University
7%
Healthcare Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business41
Midsize Enterprise22
Large Enterprise46
No data available
 

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
Ask a question
Earn 20 points
 

Comparisons

AWS Security Hub vs Microsoft Sentinel Logo
AWS Security Hub vs Microsoft Sentinel
Compared 17% of the time
SentinelOne Singularity AI SIEM vs Microsoft Sentinel Logo
SentinelOne Singularity AI SIEM vs Microsoft Sentinel
Compared 5% of the time
Cortex XSIAM vs Microsoft Sentinel Logo
Cortex XSIAM vs Microsoft Sentinel
Compared 5% of the time
IBM Security QRadar vs Microsoft Sentinel Logo
IBM Security QRadar vs Microsoft Sentinel
Compared 4% of the time
CrowdStrike Falcon vs Microsoft Sentinel Logo
CrowdStrike Falcon vs Microsoft Sentinel
Compared 4% of the time
More Microsoft Sentinel Competitors
IBM Security QRadar vs NNT Log Tracker Enterprise Logo
IBM Security QRadar vs NNT Log Tracker Enterprise
Compared 11% of the time
Splunk Enterprise Security vs NNT Log Tracker Enterprise Logo
Splunk Enterprise Security vs NNT Log Tracker Enterprise
Compared 10% of the time
SIEMStorm vs NNT Log Tracker Enterprise Logo
SIEMStorm vs NNT Log Tracker Enterprise
Compared 7% of the time
Devo vs NNT Log Tracker Enterprise Logo
Devo vs NNT Log Tracker Enterprise
Compared 6% of the time
NetWitness Platform vs NNT Log Tracker Enterprise Logo
NetWitness Platform vs NNT Log Tracker Enterprise
Compared 5% of the time
More NNT Log Tracker Enterprise Competitors
 

Product Reports

Buyer's Guide
Microsoft Sentinel
March 2026
Microsoft Sentinel reportDownload Microsoft Sentinel product report
Buyer's Guide
Log Management
March 2026
NNT Log Tracker Enterprise reportDownload NNT Log Tracker Enterprise product report
 

Also Known As

Azure Sentinel
No data available
 

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft

NNT Log Tracker Enterprise is a comprehensive and easy-to-use Security Information and Event Management (SIEM) solution for any compliance mandate providing:

  • Enterprise-class SIEM capabilities.
  • Compliance Automation.
  • User and System Activity Audit trails.
  • Network Anomaly forensics.
  • Proactive Threat Detection.
Netwrix
 

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Wonga, WHSmith
Buyer's Guide
Microsoft Sentinel vs. NNT Log Tracker Enterprise
March 2026
Free Report: Microsoft Sentinel vs. NNT Log Tracker Enterprise
Find out what your peers are saying about Microsoft Sentinel vs. NNT Log Tracker Enterprise and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,376 professionals have used our research since 2012.
See our Microsoft Sentinel vs. NNT Log Tracker Enterprise report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.