We performed a comparison between Microsoft Sentinel and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"Sentinel pricing is good"
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The initial setup is very simple and straightforward."
"Free ingestion for Azure logs (with E5 licence)"
"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
"SolarWinds Security Event Manager has been generally working well."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"It's easy to build rules and actions based on the logs and event types we collect with the software."
"It's extremely easy to deploy."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."
"I would like to see more AI used in processes."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"The product can be improved by reducing the cost to use AI machine learning."
"The on-prem log sources still require a lot of development."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The reporting could be more structured."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."
"The only issue is the pricetag. SolarWinds is a costly solution."
"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
More SolarWinds Security Event Manager Pricing and Cost Advice →
Microsoft Sentinel is ranked 1st in Security Information and Event Management (SIEM) with 85 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. Microsoft Sentinel is rated 8.2, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Microsoft Defender for Cloud, Splunk Enterprise Security and Elastic Security, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Wazuh and Microsoft Defender XDR. See our Microsoft Sentinel vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
