We performed a comparison between ManageEngine Log360 and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The pricing of the product is excellent."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The product can integrate with any device."
"The Sharecon feature is the most valuable."
"The deployment is quite simple and pretty straightforward."
"We haven't had any stability issues."
"ManageEngine Log360 is not difficult to deploy."
"You can have all of the logs from servers to network and it gets sent out to the correct owners. This is very helpful."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"It is nice to be able to monitor and to have notifications."
"The reports that you can run are really nice."
"The most valuable feature of Splunk Enterprise Security is website activity monitoring."
"The solution is the market leader."
"It allows us to digest the information, the data, the different data streams, so we can make decisions based upon information that we receive, and it is pretty robust."
"The ability to manage large amounts of generated data and to protect all devices from unauthorized use are the most valuable features."
"The speed of the search engine"
"Splunk Enterprise Security comes with 300 pre-deployed use cases that can be easily customized to meet the specific needs of our organization, without the need to purchase additional tools."
"We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much better. Real-time errors, which were buried in emails before now, surfaced up on dashboards."
"If I need to integrate devices for logs, it is easier with Splunk. We can integrate different applications, network devices, and databases. It is also very rich in documents. It is the best."
"Sentinel's reporting is complex and can be more user-friendly."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"The integration with SharePoint and Teams should be improved."
"We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot."
"On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"It takes a little bit of time for Log360 to actually learn your environment."
"Most times log sheets are not assigned well."
"The solution needs to improve hub storage. It should integrate AI and ML capabilities."
"Splunk is not very user-friendly. It has a complex architecture in comparison to other solutions on the market."
"Search head clustering is often temperamental in its current state and should be improved, replaced by something better, or be reverted to search head pooling."
"The UI can be difficult to understand for non-technical people."
"It would be nice if Splunk reduced the cost of training. Their training sessions are way too costly."
"The GUI can be improved. Splunk has always suffered from having a kind of goofy UI, it needs some updating."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"We do have to educate developers on how to not blow it up. It is a little to easy to write an expensive query and overly stress the system. This could be improved."
"Certain sections of the developer documentation could use some updating and clarification."
ManageEngine Log360 is ranked 25th in Log Management with 15 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. ManageEngine Log360 is rated 7.2, while Splunk Enterprise Security is rated 8.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Fortinet FortiSIEM, LogRhythm SIEM and SolarWinds Security Event Manager , whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor. See our ManageEngine Log360 vs. Splunk Enterprise Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
