We performed a comparison between ManageEngine EventLog Analyzer and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The Log analytics are useful."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"It's one of the easiest products. It's very simple to use."
"The tool's reports show activities."
"It is stable."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"The initial setup is straightforward."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"I have made use of technical support and am certainly very satisfied with them."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."
"Splunk Enterprise Security offers two valuable features: the Common Information Model and arrangement modules."
"There are a lot of third-party applications that can be installed."
"It can log more logs than other solutions. It's a good way to troubleshoot problems."
"The feature that I have found most valuable with Splunk is the ability to sift through a bunch of data very quickly."
"Its compatibility with other SIEMs is very useful."
"Splunk allows us to customize processing and dashboards, which helps us take care of our customers' needs."
"It helps streamline troubleshooting and log analysis."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The on-prem log sources still require a lot of development."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The solution could improve the playbooks."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"The first tier of customer service and support is not great."
"There's a lot to improve in terms of connectivity. Currently, we're utilizing it across various infrastructures and environments, including others' cloud. However, connecting it to our infrastructure and integrating it with some of our SMAX solutions poses difficulties."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"The solution should improve on its log capturing capabilities."
"I would like to see more detailed reports."
"It may not be as easy to use as Splunk."
"The scalability is limited."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"When you get into large amounts of data, Splunk can get pretty slow. This is the same on-premise or AWS, it doesn't matter. The way that they handle large data sets could be improved."
"I would like Splunk to add more integration. QRadar has many indications with more products than Splunk."
"The solution could improve by increasing the performance. We have run into problems when large amounts of data are processed."
"If it could be made available as a service, this would be much better than as a product."
"Not even Splunk's support guy, who came to our firm, could help with defining proper role management."
"Some of the terminology can be confusing, even for seasoned vets. Renaming components at this point would be a serious undertaking. However, it might be beneficial in the long run."
"An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."
"I would like to see more SIEM functionality and a better ticket tool."
ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 11 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. ManageEngine EventLog Analyzer is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and SolarWinds Log Analyzer, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.