No more typing reviews! Try our Samantha, our new voice AI agent.

Microsoft Sentinel vs SmartEvent Event Management comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Sentinel
Ranking in Security Information and Event Management (SIEM)
4th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
108
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (2nd), Microsoft Security Suite (6th), AI-Powered Cybersecurity Platforms (6th)
SmartEvent Event Management
Ranking in Security Information and Event Management (SIEM)
58th
Average Rating
5.6
Reviews Sentiment
6.7
Number of Reviews
2
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 3.9%, down from 6.8% compared to the previous year. The mindshare of SmartEvent Event Management is 0.4%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Microsoft Sentinel3.9%
SmartEvent Event Management0.4%
Other95.7%
Security Information and Event Management (SIEM)
 

Featured Reviews

Kallamuddin Ansari - PeerSpot reviewer
Cyber Security Consultant at HR Software Solution
Centralized monitoring has improved threat response but cost control still needs refinement
Based on real operations used in our corporate IT environment, the key features include log correlation and incident view. Microsoft Sentinel's biggest strength is how it correlates multiple related alerts into a single incident. This significantly reduces alert noise and helps the SOC focus on real threats instead of isolated events. Another valuable feature is KQL-based threat hunting with Kusto Query Language. The flexibility of this language allows us to build custom hunting queries based on our environment's behavior. This is extremely useful for detecting low and slow threats or hidden threats that default rules may miss. Cloud-native scalability and stability is another important feature. Being cloud-native, Microsoft Sentinel scales well for medium to large corporate environments without infrastructure management. Stability has been solid in day-to-day production. SOAR automation using playbooks is a feature we highly recommend. Microsoft Sentinel's SOAR functionality helps automate repetitive SOC tasks like alert enrichment and notification. This saves analyst time and improves response consistency.
Adhi Wahyu - PeerSpot reviewer
Network Engineer at RSUP Dr. Sardjito
Transparent and offers real-time analysis but needs more documentation
The solution provides us with transparency to give us information about what happens in the network. With this information, the administrator can see a lot of things. They can see hacking attempts from the internet that target our servers, and, with that information, they can check the security settings in the server to see if it is strong enough or not, and make sure the servers is safe. They also can see attacks directed to the endpoint. We know which endpoint got infected so we can take action to clean it. The software also has good reporting capabilities. We can create custom reports according to our needs.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"From a visibility and compatibility perspective, it's really a nice product to have as a SIEM solution for your cloud environment."
"Microsoft Sentinel has greatly increased our security."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"While Microsoft Sentinel provides a log of security events, its true power lies in its integration with Microsoft Defender."
"Microsoft Sentinel does give me a unified set of tools to detect, investigate, and respond to incidents, and this unified approach is important to me because in today's world with numerous tools available, it's quite important."
"The Log analytics are useful."
"Microsoft Sentinel has made it easier for us to sell SOC-as-a-Service to, more or less, any customer and not just the big ones."
"SmartEvent Event Management is a solid platform overall, and I would definitely recommend it."
"The capability of real-time analysis of security events is useful."
 

Cons

"Their support can be challenging at times, particularly around unique experiences or circumstances with Microsoft Sentinel."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Microsoft Sentinel should continue adding support for several other security brands because sometimes you have a firewall from a different brand and if you cannot correlate or integrate that seamlessly, it creates multiple points of checking information, which diminishes efficiency."
"There is room for improvement in terms of integrations. We have some tools, such as our off-site Meraki firewalls, that have not fully integrated with Sentinel. We lack integration for Syslogs into Sentinel."
"The solution could improve the playbooks."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"In New Zealand, there are customers that run dual stack, running Microsoft but also competitor products, EDR software, cloud security software, and other tooling. While it's improved over the last four or five years, there's still more work that can be done to integrate better outside of the Microsoft ecosystem."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"They should provide easy to access guides or manuals, maybe videos, about how to manage or use the software effectively and efficiently, to maximize its features."
"The only downside I've encountered with SmartEvent Event Management is occasional lag during video calls, especially with a lot of participants."
 

Pricing and Cost Advice

"I have worked with a lot of SIEMs. We are using Sentinel three to four times more than other SIEMs that we have used. Azure Sentinel's only limitation is its price point. Sentinel costs a lot if your ingestion goes up to a certain point."
"Sentinel's price is comparable to pretty much everything out there. None of it is cheap, but we didn't think we could save money by going a different route. Sentinel was part of our Azure expenditures, so it was easier to add the expense instead of having a completely separate vendor."
"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
"Cost-wise, Sentinel is based on the volume of information being ingested, so it can be quite pricey. The ability to use strategies to control what data is being ingested is important."
"Microsoft is costlier. Some organizations may not be able to afford the cost of Sentinel orchestration and the Log Analytics workspace. The transaction hosting cost is also a little bit on the high side, compared to AWS and GCP."
"It is certainly the most expensive solution. The cost is very high. We need to do an assessment using the one-month trial so that we can study the cost side. Before implementing it, we must do a careful calculation."
"I'm not happy with the pricing on the integration with Defender for Endpoint. Defender for Endpoint is log-rich. There is a lot of information coming through, and it is needed information. The price point at which you ingest those logs has made a lot of my customers make the decision to leave that within the Defender stack."
"Sentinel can be expensive. When you ingest data from sources that are outside of the cloud, you're paying a fair amount for that data ingestion. When you're ingesting data sources from within the cloud, depending on what your retention periods are, it's not that expensive."
Information not available
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Manufacturing Company
11%
Computer Software Company
10%
Government
7%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise24
Large Enterprise46
No data available
 

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What needs improvement with SmartEvent Event Management?
The only downside I've encountered with SmartEvent Event Management ( /categories/event-monitoring ) is occasional lag during video calls, especially with a lot of participants. Although it is not ...
What is your primary use case for SmartEvent Event Management?
Our primary use case involves utilizing SmartEvent Event Management ( /products/smartevent-event-management-reviews ) for video conferencing, file sharing, and integration with other productivity t...
What advice do you have for others considering SmartEvent Event Management?
SmartEvent Event Management is a solid platform overall, and I would definitely recommend it. I would rate the overall solution four out of five stars.
 

Also Known As

Azure Sentinel
No data available
 

Overview

 

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Information Not Available
Find out what your peers are saying about Microsoft Sentinel vs. SmartEvent Event Management and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.