We performed a comparison between ManageEngine Log360 and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"The reports that you can run are really nice."
"The Sharecon feature is the most valuable."
"The solution could be improved by including XDR, remediation and Sandbox."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"It is nice to be able to monitor and to have notifications."
"The reporting is great. Everything you need is in the report for you already."
"The product is very user-friendly."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The analytic rule is the most valuable feature."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"It has a lot of great features."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The Log analytics are useful."
"The automation feature is valuable."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"The support needs improvement."
"Their technical support should be improved."
"We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot."
"It is not expensive compared to other solutions."
"On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The playbook is a bit difficult and could be improved."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"The on-prem log sources still require a lot of development."
ManageEngine Log360 is ranked 24th in Security Information and Event Management (SIEM) with 15 reviews while Microsoft Sentinel is ranked 2nd in Security Information and Event Management (SIEM) with 86 reviews. ManageEngine Log360 is rated 7.2, while Microsoft Sentinel is rated 8.2. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and LogRhythm SIEM, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our ManageEngine Log360 vs. Microsoft Sentinel report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.