We performed a comparison between FileAudit and SolarWinds Security Event Manager based on real PeerSpot user reviews.
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The main benefit is the ease of integration."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"We have no complaints about the features or functionality."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The machine learning and artificial intelligence on offer are great."
"It is a good and stable solution...It is a scalable solution."
"Our customer acquires the complete report which is kept for future auditing purposes."
"Alerting upon file changes is the most valuable aspect of the product."
"SolarWinds is easy to configure, and it provides timely alerts."
"The most valuable feature of this solution is the visibility into both attempted and failed logins."
"SolarWinds Security Event Manager has been generally working well."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"The on-prem log sources still require a lot of development."
"The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks."
"Whenever someone cuts and paste, it shows as "file is deleted"."
"The updates management and central management console could be improved."
"There are no multiple dashboards which would allow you to see information side-by-side."
"I would like to have a more customizable dashboard."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"It can be difficult for users who are inexperienced with the solution."
"There is no correlation made between log entries, so no threat information is presented."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."
FileAudit is ranked 38th in Security Information and Event Management (SIEM) with 3 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. FileAudit is rated 9.0, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of FileAudit writes "A scalable SIEM solution for monitoring a user's activity in the file server". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". FileAudit is most compared with ManageEngine File Audit Plus, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and Wazuh.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.