We performed a comparison between ManageEngine EventLog Analyzer and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The analytic rule is the most valuable feature."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"It's one of the easiest products. It's very simple to use."
"The initial setup is straightforward"
"I have made use of technical support and am certainly very satisfied with them."
"The user interface is very good."
"It is stable."
"The log management has helped to improve my organization."
"It is easy to use."
"The most valuable feature in ESM is its search and reporting feature. It's really nice."
"It is user-friendly. The notification part of McAfee ESM is very easy."
"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."
"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."
"The support I have received from the vendor has been great."
"It can be easily deployed with the other solutions."
"Compared to other solutions, the user interface is good."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"The reporting could be more structured."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"Support could improve to make the solution better."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"The scalability is limited."
"I would like to see more detailed reports."
"The first tier of customer service and support is not great."
"The solution should improve on its log capturing capabilities."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"There are some banking and transactional cases that are local, South America transactions. I would like to see them add features that can be used locally, to make those transactions more reliable."
"The solution needs to improve case management. The UI is confusing."
"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."
"Product currently requires Flash."
"There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee."
"The support from McAfee ESM could improve. They could improve the speed."
"The product’s alert response feature needs improvement. It could be more flexible and secure."
More ManageEngine EventLog Analyzer Pricing and Cost Advice →
ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 10 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. ManageEngine EventLog Analyzer is rated 7.8, while Trellix ESM is rated 7.4. The top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and SolarWinds Log Analyzer, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Cybereason Endpoint Detection & Response. See our ManageEngine EventLog Analyzer vs. Trellix ESM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
