We basically utilize the tool to monitor security events based on a logon process such as bad passwords, lockout, etc.
We are using its latest version. We just upgraded it over the weekend.
It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect.
Its pricing should be better. Pricing is definitely a big factor for us.
Their technical support should also be improved.
I have been using this solution for about three years.
It is pretty stable. We haven't had any problems with the system. I don't use the tool as much as my team does, so I really couldn't get into the specifics. It does what we want in terms of staying in compliance.
I'm not too familiar with its scalability.
I haven't had very good support from those guys.
I haven't used any other products, but I've heard of products like LogRhythm and Splunk, and they seem to be supreme to this particular product that we have.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
I would rate ManageEngine Log360 a six out of 10.
The reports that you can run are really nice. They give you a lot of standard reports, which are nice, and the ability to run some custom ones, too. It takes some intuitive thinking to use it, but overall it's generally user-friendly; although it takes some digging to find the report you're looking for — it's almost overkill by data.
They have been doing some webinars for their solutions that run down through it, and those are actually quite helpful. What they're doing for their improvement is kind of nice. They're sending out a series of webinars and then you can log on and ask live questions to the engineers as they're taking you through the use of the product. I am actually finding that quite helpful.
I've had to go leaps and bounds, wondering where stuff was at. There's a lot of tabs to go through. There's a lot of information presented within the system and knowing where to go in it is taking that process through, like, "You go here, you look there, you see this here. Can you think of a use case where you would want to know that?" They ask those questions and they get responses in their webinars and I think that's quite valuable.
They're giving you an hour to go through it and they're covering most of the material in 45 minutes. They need to actually have the product explained a little bit better than just, "Here you go." I think Varonis is a little bit more, "Hey, these are the alerts you have." And then on the right, it drives you right to where you need to go. With ManageEngine, you need to actually have an idea of what you want to do with the information you're looking at. It doesn't drive you in the direction — that's a con. Varonis kind of drives you down. On the right, it gives you the event list and you can go through it and drive to the data on the individual alert. ManageEngine gives you the alert and then you need to know where to go.
Because I haven't been using it long enough, I am not too sure what's missing. I am comparing it with Varonis. The two seem to be lining up a lot, but Varonis is a little bit better as it gives me real-time alerts for the file shares. It takes a little bit of time for Log360 to actually learn your environment. I am dealing with a lot of alerts that aren't exactly valid because it just doesn't know yet.
The learning environment time is a little bit lengthy, but I think it's necessary. Since Varonis was already in the environment, I have no idea how long that took for it to learn that behavior. It's hard for me to compare the two in that aspect, but that's what I'm dealing with. That's what I would expect somebody else to be dealing with if they just got the product and they didn't have anything.
I have been using ManageEngine Log360 for the past couple of months.
Overall, on a scale from one to ten, I would give ManageEngine a rating of eight. It gives me a lot of information. Without the webinars, I'd give it a seven.
If they improved their alerting capabilities, I'd give them a higher rating. For example, "Click here to drive down, and here are the recommended steps for evaluating this alert." If it did that, I would give it a rating of ten. That's really the thing that they need. They need to drive their traffic on their platform as opposed to you having to guess where to go.
I work with an organization that focuses on money management. So we usually deploy for organizations such as banks, pension providers, and major IT firms that are interested in this. I've even deployed for micro-finance banks.
People use it to analyze security event information from their servers. It could be from an IaaS server address. They get logs we didn't know how to interpret and it helps them to prioritize. When a device connects, after the analyzation it prompts the administrator depending on the server data entered into it.
Customers don't really complain about any particular feature. The deployment is quite simple and pretty straightforward.
The only thing I'd say is to provide log sheets that accurately describe how this solution works. Most times log sheets are not assigned well. You need to contact your support or you need to go to marketing and I don't like that.
Also, a Cloud version would be a major breakthrough. I think it should be looked into because most organizations these days don't want to publish on servers. Also in terms of flexibility, I think a cloud version should be pushed.
Backups are very, very important. We had a situation where because cloud reliability is not 100% when we wanted the backup we needed to re-position the server. So instead of starting from the previous position completely, it would be nice if you could just take the file and install the same version of the ones you want because now if you want to run that backup, you must install the one that was going before. I should be able to replicate the same on another server. I should be able to pick the same file and go. So the backup process is not that easy and not that straightforward.
I've not really seen any bugs from my own experience. If you are looking at network devices where you might need the SMTP, VP version 1, version 2, or 3. I'm not sure the application supports SMTP version 3. I think they support 1 or 2. So that might also be looked into especially for network devices.
It's scalable.
In terms of licensing, it is scalable, as well. Before your clients can go in, first they have to say they want to buy a license. Then you have to get the number of licenses they want. How many administrators do they want to manage the application? So that would tell me what kind of license to buy. In that regard, it's not difficult. Though I've had some challenges in the past where it expired and maybe they just want to renew, something like that. A client is ready to go to the command, CMD, to go to the right tools. Then you go to the license that you applied for before. However, even then, it's not complex at all.
I have successfully deployed for two clients, one is a bank and the second one is a pension fund administrator.
I have been in touch with the ManageEngine technical support. They have been amazing when it comes to helping. I remember there was a time I wanted to see from one database to another and I was stuck. I was able to get a support request to them. They assisted me, they provided the documentation that I needed to follow through. I still had one or two challenges so I went to a remote session with them and they did it for me.
The initial setup is straightforward.
I've been trained with my organization to deploy this solution and other IT solutions. The deployment varies. It depends on the client. I tend to get clients that are not ready. Their credentials are not ready. Or they are giving credentials that are more of a privilege than is required. So it depends if everything is available. Then it is a maximum of three days to deploy no matter how complex or no matter how large the infrastructure is, and for every other device that you want to bring into the application to do proper monitoring. But most times you discover that the client is not ready, so it's not as simple as that, and you have to wait for around two months. Overall, the application is pretty simple. I can say that because I've installed it three times, as long as all the credentials needed are visible.
The advice I'd give is that if you want to enjoy the solution to the optimal level, make sure that the credentials are correct and that you do not give the credential an expired password. In that regard, if you've on-boarded one or two devices with expired passwords, the application would not be able to approve them because it's not a tool to get information like that.
It's a very nice solution and the graphics interface speaks a lot to that. The different graphs for marks that you can use with color to make sure that you have what you want. You can convert right from the interface and you can choose the kind of report you want. Do you want it to be in PDF? Do you want to get it as CSV? It's pretty nice.
Then the other area that I want us to look at is if you are trying to get a certificate. There was a time we were trying to get the certificate and you had to go to the application to get it. Then you put it in and send that format to your certificate authority. Then bring it back or plug it in. But we didn't find it very straightforward.
I would rate it a nine out of ten.
I like the product’s threat response and detection. I have seen the portal demo. The portal is very user-friendly compared to other solutions. The product is very user-friendly.
The solution lacks some features when compared to other products. It must add more features. Incident management for real-time scans must be improved a bit.
We are offering the solution to our customers.
I rate the tool’s stability an eight or ten out of ten. I haven't seen any bugs.
I rate the tool’s scalability a seven out of ten. The tool lacks some features. If those features are added, I would rate it a ten out of ten. One of our customers uses the solution. We get great feedback from them.
Most of our customers have a hybrid infrastructure.
We are looking for a solution that offers both on-premise and cloud versions. Someone with less experience using SIEM solutions must choose ManageEngine because it is very user-friendly. Overall, I rate the product an eight out of ten.
It is nice to be able to monitor and to have notifications.
Right now, we can't even get it to work.
The support needs improvement.
The stability needs to be improved.
ManageEngine Log360 is not a stable solution. It needs improvement.
We have tickets in to get it fixed but we are not having a lot of luck.
I would rate ManageEngine Log360 a three out of ten.
The solution has many features that I like very much.
The user logs and files are great. The shuttle import is useful for imported logs and prices.
The reporting is great. Everything you need is in the report for you already.
The solution is quite large, which is useful for our level of business.
The matter of the data retention needs to be addressed.
The back-end, moving to a whole new server, needs the integration of the data already collected by this tool. Right now, this is lacking. I have some customers that have to collect data for a period of two years. That data needs to be mobile - and we are talking about two terabytes or three terabytes of logs. There's always a problem, where the old server is breaking or at the end of the life, and they need a whole new one and need to migrate, however, it is very hard to find a way to do this effectively.
In a future release, I would like to see some sort of feature that prepares one predefined installation. It would also be ideal if we could have separate servers for separate customers.
I would like to see that there are some items that are predefined, and some features to predefine some settings. For example, I would like to create some custom reports for customer complaints and be able to report the issues and put them into every part of the solution.
I've been using the solution for the last two years now.
The stability is good. We haven't had any issues with bugs or glitches. It doesn't crash or freeze. When we need to access our data to check on things we can easily.
The scalability is very good. Very nice. We have a distribution version for big IT environments in a global context. We can collect some old download data, to check them, from one place on one single server.
Our organization is quite large, and we have no trouble using this solution to manage the work.
We've dealt with technical support in the past. I can say with certainty they have been very good, and very professional. There has been no problem getting help from them when we need it. They're easy to work with. We're satisfied with the level of service they provide to us.
The initial setup was not complex. It was very straightforward. We didn't have any issues with the implementation.
How long it takes in total depends on if you are talking about a full deployment or just an installation. The more jobs, the more time it will take to configure the environment servers, and tasks of that nature. That's got to be solved. However, preparation for that part is most likely very easy and very simple for most organizations and should take perhaps six hours at a maximum.
I am a part-time partner and I am a unique distributor.
We're using the corporate version of the solution. It's the biggest version you can get.
I'd rate the solution nine out of ten. I'm waiting on a new feature they promised us in the third quarter. Other than that, the solution has worked quite well for me and offers almost everything I need.
The primary use case of this solution is for reports, file editing, Active Directory editing, and security alerting.
We monitor the action in the Active Directory. For example, if someone changes the password in the Active Directory or the password has failed in the login, or there is a change in policy, then we know which administrator has made the changes.
We can see all of the reports from the Active Directory and the file server in Log360. It's a good application because the reports are good and it helps to find errors in the system.
The most valuable feature is that this solution is more secure than others, and there are more applications and features as well.
Another good feature is that we can install an application on another server and get a report on a single dashboard.
There are issues when we log into Log360 from the computer that is hosting the system. It does not connect to the Active Directory. For example, Linux cannot connect or log into Log360 with the Active Directory user. We can log in as a local user, and it's fine, but when we log in with an Active Directory user, we cannot.
I have been using this solution for one year.
We are using the latest updated version.
This solution is stable, we have not had any crashes.
This solution is scalable. We have 100 computers. Scaling up is not a problem.
We have four users in the IT department.
There is a cost for each feature used.
I would recommend this solution to others. I have a friend who has installed it.
I would rate this solution a ten out of ten, it's a very good application.
The primary use case of this solution is to look for anomalies in our traffic to see if there is anything out of the ordinary. We don't have the resources to perform deep analysis. This solution provides us with a report of what is breaking the normal routine.
The most valuable features of this solution are the consolidating of the reports, being able to take action and send them by email to several addresses. We can divide the graces to different co-workers.
You can have all of the logs from servers to network and it gets sent out to the correct owners. This is very helpful. Previously, we had several different products provide different functions. For example, there would be one product for the servers, one for the network, and one for the firewall, whereas now we have everything consolidated.
The GUI needs to be improved. The graphical interface could be made easier to use when you are connecting to different network equipment. For the service it is straightforward. It is a hassle when you have different manufacturers for switches and realtors. Simplifying the user interface would be very helpful.
There are issues with stability.
In the next release, I would suggest to include not only for enterprise-level switches but also small business-level switches in the system. Some of our offices experienced issues when they had both local switches. Also, simplify the interface when you are adding network equipment.
I have been using this solution since July 2019.
We are using the most updated version, but I know that there will be another update available here in the spring.
We have experienced some issues when we do a re-start.
The service can be delayed at its start. It varies from just a few minutes to 20 to 30 minutes. It does come on but it's very delayed at the start. It could be because I have all of my management products on the same server, and that could affect the starting time on it also. This has been the only buggy behavior that I have seen so far.
We have had a couple of issues when we run some cloud switches. At times, when you restart the server, you have to restart the switches afterward.
This solution is scalable if you have the money for it.
We currently have an open ticket in regards to the stability issues that we are experiencing, but I have only received a response that they are looking into it.
They are working on it, but they haven't had experience with the type of switch that we have. The one that we have is one of the smaller ones, and they only have the larger ones that they have been testing on.
The technical support is ok. They are quick in responding, within three to four hours you will receive a response.
Previously we were using several small products, and some were in-house developed. We also had log forwarding (WEF) by Microsoft. It is an app that you can put on your server so that we can define what you want to forward to your email. The problem is that the report is not consolidated. It is per occurrence.
We also had the Cisco Firewall.
The initial setup was rather straightforward.
I did not use a vendor or an integrator. I did it myself.
I purchased the Bulk Package which included the Log360 application.
My advice would be to read the setup manual first and contact ManageEngine to assist you with any questions.
When we performed a test setup, we had some unknowns so we contacted ManageEngine. They got back to us with some advice on how to approach the issues. We were able to solve the issues on our end.
I would rate this solution an eight out of ten.