We performed a comparison between Elastic Security and ManageEngine Log360 based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Log aggregation and data connectors are the most valuable features."
"Free ingestion for Azure logs (with E5 licence)"
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The product has huge integration varieties available."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"Enables monitoring of application performance and the ability to predict behaviors."
"It's very stable and reliable."
"The performance is good and it is faster than IBM QRadar."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The product is very user-friendly."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"It is nice to be able to monitor and to have notifications."
"The deployment is quite simple and pretty straightforward."
"The reporting is great. Everything you need is in the report for you already."
"The solution could be improved by including XDR, remediation and Sandbox."
"ManageEngine Log360 is not difficult to deploy."
"I would like to be able to monitor applications outside of the Azure Cloud."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The AI capabilities must be improved."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"Technical support could respond faster."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"There isn't really a very good user experience. You need a lot of training."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"The solution lacks some features when compared to other products."
"It takes a little bit of time for Log360 to actually learn your environment."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits."
"We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot."
"The support needs improvement."
"The integration with SharePoint and Teams should be improved."
"The matter of the data retention needs to be addressed."
Elastic Security is ranked 5th in Log Management with 59 reviews while ManageEngine Log360 is ranked 27th in Log Management with 15 reviews. Elastic Security is rated 7.6, while ManageEngine Log360 is rated 7.2. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender for Endpoint and CrowdStrike Falcon, whereas ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and SolarWinds Security Event Manager . See our Elastic Security vs. ManageEngine Log360 report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
