We performed a comparison between FileAudit and NNT Log Tracker Enterprise based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The Log analytics are useful."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Alerting upon file changes is the most valuable aspect of the product."
"It is a good and stable solution...It is a scalable solution."
"Our customer acquires the complete report which is kept for future auditing purposes."
"File integrity monitoring is a very important function."
"The most valuable feature is the predefined reports for PCI compliance."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"This is a very easy-to-use interface with a quick ramp-up time."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Sentinel's reporting is complex and can be more user-friendly."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The troubleshooting has room for improvement."
"Whenever someone cuts and paste, it shows as "file is deleted"."
"The updates management and central management console could be improved."
"The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks."
"The correlation suite needs to be improved."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
FileAudit is ranked 42nd in Log Management with 3 reviews while NNT Log Tracker Enterprise is ranked 45th in Log Management with 4 reviews. FileAudit is rated 9.0, while NNT Log Tracker Enterprise is rated 8.2. The top reviewer of FileAudit writes "A scalable SIEM solution for monitoring a user's activity in the file server". On the other hand, the top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". FileAudit is most compared with ManageEngine File Audit Plus, whereas NNT Log Tracker Enterprise is most compared with Cybereason Endpoint Detection & Response. See our FileAudit vs. NNT Log Tracker Enterprise report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
