• Home
  • LogRhythm SIEM vs. ManageEngine EventLog Analyzer

LogRhythm SIEM vs ManageEngine EventLog Analyzer comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
32,763 views|18,195 comparisons
92% willing to recommend
LogRhythm Logo

LogRhythm SIEM

Read 166 LogRhythm SIEM reviews
10,202 views|5,819 comparisons
89% willing to recommend
ManageEngine Logo

ManageEngine EventLog Analyzer

Read 10 ManageEngine EventLog Analyzer reviews
3,317 views|2,130 comparisons
80% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
LogRhythm SIEM vs. ManageEngine EventLog Analyzer
April 2024
Executive Summary

We performed a comparison between LogRhythm SIEM and ManageEngine EventLog Analyzer based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed LogRhythm SIEM vs. ManageEngine EventLog Analyzer Report (Updated: April 2024).
Download the complete report
767,847 professionals have used our research since 2012.
Featured Review
Pavan Kumar Kemisetti
Researched LogRhythm SIEM but chose Microsoft Sentinel: Supports cloud-based logs and has many out-of-the-box connectors, but dashboards and SOAR documentation can be better
In traditional SIEM solutions, there is a lot of hardware, and there is a lot of maintenance around it. We require a lot of resources for... Read more →
Austin Spell
Provides a comprehensive and powerful view of our environment from one dashboard
This solution has improved our organization in many different ways. The biggest benefit is being able to view all information in one dashboard... Read more →
Anonymous User
Easy to use with good monitoring and management
I used the solution alongside others to run some tests for a client, and they decided which solution they wanted to use.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The product can integrate with any device.""The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high.""I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL.""The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects.""The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user.""Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements.""The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources.""The analytic rule is the most valuable feature."

More Microsoft Sentinel Pros →

"As a healthcare company, what we use it for is compliance, then to protect our data from exaltation.""The correlation engine is extremely valuable because it uses machine learning to process information from the central manager and identifies issues in the network.""We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot.""The artificial intelligence engine.""The ability for me to go into the Web UI, and just learn what's going on in my environment.""Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing.""The user interface is pretty good compared to other SIEM tools.""Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."

More LogRhythm SIEM Pros →

"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs.""The log management has helped to improve my organization.""The tool's reports show activities.""The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration.""The user interface is very good.""The initial setup is straightforward""What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team.""I have made use of technical support and am certainly very satisfied with them."

More ManageEngine EventLog Analyzer Pros →

Cons
"We'd like to see more connectors.""It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall.""If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details.""While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate.""Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel.""Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex.""The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress.""Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."

More Microsoft Sentinel Cons →

"Sometimes, the tool fails to get the correlated events that triggered the alerts.""We need to get better training for things like creating code and playlists. The way it's done now takes a long time.""I would like to see more integration with more products that are out there within the same security field.""I would probably look for more things to go into the web console that is currently on the fat client.""We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM.""Scalability misses the mark sometimes, especially when you have an integrated disaster recovery built into the solution.""LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time.""I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."

More LogRhythm SIEM Cons →

"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple.""It may not be as easy to use as Splunk.""I would like to see more detailed reports.""The solution should improve on its log capturing capabilities.""Support could improve to make the solution better.""What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better.""The first tier of customer service and support is not great.""The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."

More ManageEngine EventLog Analyzer Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
  • "If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation."
  • "I would recommend that whatever sales quotes to them upfront, they will probably go up. Because they are probably going to outgrow that very quickly or once they start getting everything into it, they are going to have to move up anyway."
  • "Look for whatever will give you the most value. That's the main point. It is not one size fits all."
  • "I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
  • "In comparison to the competition, they are more affordable. This allows us to do more with less."
  • "The solution has provided us with consistency and increased staff productivity through orchestrated automated work flows by at least 20 percent."
  • "I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."

    • More LogRhythm SIEM Pricing and Cost Advice →

  • "There is a license required for these solutions. The customer can choose the license type, such as an annual license purchase or a perpetual license. If the customer wants maintenance they will have to pay annually."
  • "There is a yearly subscription for the solution."
  • "ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license."
  • "Licensing for ManageEngine EventLog Analyzer is paid yearly."
  • "We paid for the license of the solution and the deployment. The price of ManageEngine EventLog Analyzer is less expensive than other solutions."
  • "ManageEngine EventLog Analyzer is expensive. Its licensing costs are annual."

    • More ManageEngine EventLog Analyzer Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    767,847 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What is the difference between log management and SIEM?
    Top Answer:Rony, Daniel's answer is right on the money.  There are many solutions for each in the market, a lot depends upon your… more »
    Read all 6 answers   →
    What do you like most about LogRhythm NextGen SIEM?
    Top Answer:LogRhythm does a very good job of helping SOCs manage their workflows.
    Read all 43 answers   →
    What is your experience regarding pricing and costs for LogRhythm NextGen...
    Top Answer:LogRhythm's pricing and licensing are extremely competitive and it's one of the top three reasons we continue to invest… more »
    Read all 23 answers   →
    What do you like most about ManageEngine EventLog Analyzer?
    Top Answer:The tool's reports show activities.
    Read all 10 answers   →
    What needs improvement with ManageEngine EventLog Analyzer?
    Top Answer:I would like to see more detailed reports.
    Read all 9 answers   →
    What is your primary use case for ManageEngine EventLog Analyzer?
    Top Answer:We use ManageEngine EventLog Analyzer for remote logging.
    Read all 9 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
    EventLog Analyzer
    Learn More
    Microsoft
    LogRhythm
    ManageEngine
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:

    ● Streamlined workflow

    ● Secure data access

    ● Real-time visibility

    ● A unified user experience

    ● Management customization

    Security information and event management (SIEM) solutions have been evolving for over a decade; their core functionality still acts as the most effective foundation for any organization’s technology stack. A SIEM solution enables an organization to centrally collect data across its entire network environment to gain real-time visibility into activity that may pose a risk to the organization. SIEM technology addresses threats before they become significant financial risks while simultaneously helping better manage an organization’s assets.

    LogRhythm SIEM has many key features and capabilities, including:

    High-Performance Log Management: LogRhythm SIEM offers structured and unstructured search capabilities which allows users to swiftly search across an organization’s vast data to easily find answers, identify IT and security issues, and troubleshoot issues. Users can efficiently process and index terabytes of log data daily.

    Network and Endpoint Monitoring: Forensic sensors allow users to gain deep visibility into endpoint and network activity. Users can see behavioral anomalies and better respond to incidents.

    SmartResponse™ Automation: LogRhythm SIEM allows users to centrally execute pre-staged actions that automate incident investigatory tasks and responses.

    Automated Machine Analytics: LogRhythm SIEM's AI Engine continuously analyzes all collected security incidents and forensic data. Security teams are delivered precise, real-time intelligence about risk-prioritized threats.

    Case and Security Incident Management: LogRhythm SIEM offers an integrated workflow so that threats don’t slip through the cracks. Collaboration tools help centrally manage and track investigations.

    User and entity behavior analytics (UEBA): Embedded deterministic UEBA monitoring helps protect against insider threats.

    Security orchestration, automation, and response (SOAR): LogRhythm SIEM includes our embedded SOAR solution to increase efficiency and higher-quality incident response with low mean time to response (MTTR).

    Benefits to Using LogRhythm SIEM

    The platform offers great value to security and IT operations. Users have the ability to map their security and IT operations to existing frameworks such as NIST and MITRE ATT&CK.

    ● The platform offers broad integration across security and IT vendors: Users benefit from support for integration with hundreds of security and IT solutions. In turn, this further extends SIEM capabilities and data collection.

    ● The platform provides compliance adherence, enforcement, and reporting: The prebuilt compliance modules automatically detect violations as they occur and remove the burden of manually reviewing audit logs.

    Reviews from Real Users

    LogRhythm SIEM stands out among its competitors for a number of reasons. Two major ones are its ability to be customized and its quick performance of queries.

    Jason G., a senior cybersecurity engineer, writes, "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."

    Andy W., principal consultant at ITSEC Asia, notes, “LogRhythm SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.”

    Your organizations IT infrastructure generate huge amount of logs every day and these machine generated logs have vital information that can provide powerful insights and network security intelligence into user behaviors, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, etc. However, the task of analyzing these event logs and syslogs without automated log analyzer tools can be both time-consuming and painful if done manually.

    EventLog Analyzer provides the most cost-effective Security Information and Event Management (SIEM) software on the market. Using this Log Analyzer software, organizations can automate the entire process of managing terabytes of machine generated logs by collecting, analyzing, correlating, searching, reporting, and archiving from one central location. This event log analyzer software helps to monitor file integrity, conduct log forensics analysis, monitor privileged users and comply to different compliance regulatory bodies by intelligently analyzing your logs and instantly generating a variety of reports like user activity reports, historical trend reports, and more.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
    Moody National Bank, EnCircle, Goldleaf Financial Solutions, Inc, IBM, Ernst & Young, Micro Linear, Silverbeck-Rymer Solicitors, Provincial Court of British Columbia, Eleventh Judicial Circuit of Florida, OGILVY & MATHER, E! Entertainment, Tribune-Review Publishing Co.
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm26%
    Healthcare Company11%
    Energy/Utilities Company9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization37%
    Computer Software Company9%
    Government6%
    Financial Services Firm6%
    REVIEWERS
    Insurance Company25%
    Government25%
    Computer Software Company13%
    Agriculture13%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Government8%
    Manufacturing Company8%
    Financial Services Firm6%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business23%
    Midsize Enterprise23%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise45%
    Large Enterprise37%
    REVIEWERS
    Small Business33%
    Midsize Enterprise50%
    Large Enterprise17%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise19%
    Large Enterprise49%
    Buyer's Guide
    LogRhythm SIEM vs. ManageEngine EventLog Analyzer
    April 2024
    Free Report: LogRhythm SIEM vs. ManageEngine EventLog Analyzer
    Find out what your peers are saying about LogRhythm SIEM vs. ManageEngine EventLog Analyzer and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    767,847 professionals have used our research since 2012.

    LogRhythm SIEM is ranked 7th in Log Management with 166 reviews while ManageEngine EventLog Analyzer is ranked 18th in Log Management with 10 reviews. LogRhythm SIEM is rated 8.4, while ManageEngine EventLog Analyzer is rated 7.8. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Fortinet FortiSIEM and LogRhythm Axon, whereas ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh and SolarWinds Kiwi Syslog Server. See our LogRhythm SIEM vs. ManageEngine EventLog Analyzer report.

    See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.