We performed a comparison between ManageEngine Log360 and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The automation feature is valuable."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The Sharecon feature is the most valuable."
"The reports that you can run are really nice."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"The solution could be improved by including XDR, remediation and Sandbox."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"The reporting is great. Everything you need is in the report for you already."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"The ability to ingest any data and display it in a way that anyone can understand."
"It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."
"It has reduced the time to resolution, time to investigate, and time to troubleshoot for debugging issues."
"The most valuable feature of Splunk Enterprise Security is the comprehensive logging capabilities it provides."
"The graph visualization is the most valuable feature."
"Integrity with many vendors: This simplifies the implementation and integration with different devices"
"Splunk has significantly helped with aggregation and correlation of critical logs. Not having to grep on each individual server has made everyone more efficient."
"The most valuable feature is the log aggregation, being able to scan through all of the logs."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"One key area that can be improved is by building a strong integration with our XDR platform."
"We'd like also a better ticketing system, which is older."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The matter of the data retention needs to be addressed."
"The solution needs to improve hub storage. It should integrate AI and ML capabilities."
"The support needs improvement."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"Their technical support should be improved."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"Most times log sheets are not assigned well."
"On-premises scaling of the solution is a bit more limited than it is on the cloud."
"Technical support needs to be more responsive."
"I'd like to see more integration with more antivirus systems."
"The administration of the cluster and app deployment to indexers or search heads can be done only using ssh access and command line, there is no GUI tools for that."
"An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."
"The GUI can be improved to include some of the capabilities that other BI solutions have."
"Its pricing is extremely high. There are other tools out in the market that are competitive. They do not necessarily have all the functionality, but they are competitive. The professional services we have used have been high as well in comparison to the market."
"Over time I will have more requirements and I can foresee the solution could improve the search algorithm to run and output the data faster."
ManageEngine Log360 is ranked 27th in Log Management with 15 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. ManageEngine Log360 is rated 7.2, while Splunk Enterprise Security is rated 8.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Fortinet FortiSIEM, SolarWinds Security Event Manager and LogRhythm SIEM, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog. See our ManageEngine Log360 vs. Splunk Enterprise Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.