We performed a comparison between ManageEngine EventLog Analyzer and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Free ingestion for Azure logs (with E5 licence)"
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"We have no complaints about the features or functionality."
"I have made use of technical support and am certainly very satisfied with them."
"The user interface is very good."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"The log management has helped to improve my organization."
"The tool's reports show activities."
"The initial setup is straightforward"
"Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc."
"Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful."
"The most valuable features include agility and Splunk Enterprise Security's ability to quickly search for alerted items, as well as the capacity to create custom alerts using the SQL language employed by Splunk."
"This is a straightforward solution, easy to configure."
"Splunk works based on parsing log files."
"The ability to manage large amounts of generated data and to protect all devices from unauthorized use are the most valuable features."
"The most valuable features for us include its robust log management capabilities, which allow us to efficiently handle and retain logs for extended periods as needed."
"The most valuable feature is the log aggregation, being able to scan through all of the logs."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The solution should allow for a streamlined CI/CD procedure."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"There is room for improvement in entity behavior and the integration site."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The solution should improve on its log capturing capabilities."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"I would like to see more detailed reports."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"Support could improve to make the solution better."
"It may not be as easy to use as Splunk."
"The scalability is limited."
"Given the ever-increasing number of threats, I would like Splunk to update its threat signatures more frequently."
"It's costly."
"I think the tech support response time could be a bit better. Sometimes I need to wait more than 24 hours for a response to my tickets."
"There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good."
"The presence of multiple layers creates a significant challenge for monitoring across cloud environments."
"The only thing which can be improved is that they are too subjective on whom their Splunk4Good initiative can be applied. They market it as you only need to be a nonprofit, but there is more to it."
"Splunk is very expensive. The license is based on the volume of the logs ingested. I was responsible for managing the contract with our service integrator. I don't know the precise details of the competing solution, but I have heard that Splunk is more expensive than others. I don't know what the going rate is on the market, but I think there are at least two competitors that are less expensive. We have experienced a few issues with our service providers in terms of log filtering and ingestion, so we continue to pay a bit more per day for our logs."
"The only improvement I am expecting is the cost of the licensing. Clients are going to other solutions just because of the cost."
More ManageEngine EventLog Analyzer Pricing and Cost Advice →
ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 11 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. ManageEngine EventLog Analyzer is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and SolarWinds Log Analyzer, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog. See our ManageEngine EventLog Analyzer vs. Splunk Enterprise Security report.
See our list of best Security Information and Event Management (SIEM) vendors and best Log Management vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.