We performed a comparison between IBM Security QRadar and ManageEngine EventLog Analyzer based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's pretty powerful and its performance is pretty good."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The automation feature is valuable."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"We've found the technical support to be very good."
"It has a logical, user-friendly GUI."
"When it comes to QRadar, they can do the correlation and not only in networks but also endpoints. This is one of the good features that we have noticed."
"Vulnerability data, network data and the like, are part of correlation and detection."
"It is a very optimized engine."
"It is suitable for large companies with critical infrastructure. For our clients, robustness, availability at a high level, and the level of references and experiences connected to the solution are important."
"We are using the platform version, which I like."
"The most valuable features are log monitoring, easy-to-fix issues, and problem-solving."
"The initial setup is straightforward"
"The log management has helped to improve my organization."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"It's one of the easiest products. It's very simple to use."
"The tool's reports show activities."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"The user interface is very good."
"I have made use of technical support and am certainly very satisfied with them."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The solution should allow for a streamlined CI/CD procedure."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The threat detection needs improvement, they have many false positives."
"The modularity could be improved."
"They should provide more manual examples online so that I can learn it myself."
"The product needs to improve its GUI."
"QRadar needs a lot of fine tuning"
"It would be good if the program allowed certain profiles to only see certain customer information."
"The solution lacks some maturity."
"There needs to be better integration with other applications."
"It may not be as easy to use as Splunk."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"The first tier of customer service and support is not great."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"I would like to see more detailed reports."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"The solution should improve on its log capturing capabilities."
"The scalability is limited."
More ManageEngine EventLog Analyzer Pricing and Cost Advice →
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations.
IBM Security QRadar is ranked 6th in Log Management with 197 reviews while ManageEngine EventLog Analyzer is ranked 20th in Log Management with 10 reviews. IBM Security QRadar is rated 8.0, while ManageEngine EventLog Analyzer is rated 7.8. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Fortinet FortiSIEM, whereas ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and Splunk Enterprise Security. See our IBM Security QRadar vs. ManageEngine EventLog Analyzer report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.