We performed a comparison between ManageEngine Log360 and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The initial setup is very simple and straightforward."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"The Sharecon feature is the most valuable."
"The reports that you can run are really nice."
"The deployment is quite simple and pretty straightforward."
"ManageEngine Log360 is not difficult to deploy."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"The product is very user-friendly."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Good for monitoring, active response, and for vulnerabilities."
"The configuration assessment and Pile integrity monitoring features are decent."
"The tool is stable."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"If they support a solution, it is easy to do an integration."
"The product’s interface is intuitive."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"We'd like to see more connectors."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"The playbook is a bit difficult and could be improved."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"The solution lacks some features when compared to other products."
"On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits."
"Their technical support should be improved."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"It takes a little bit of time for Log360 to actually learn your environment."
"The solution needs to improve hub storage. It should integrate AI and ML capabilities."
"Most times log sheets are not assigned well."
"The matter of the data retention needs to be addressed."
"It would be great if there could be customization for the decoder portion."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"Integration with Vyara could be better."
"We would like to see more improvements on the cloud."
"There could be a hardware monitoring tool for the solution."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
ManageEngine Log360 is ranked 25th in Log Management with 15 reviews while Wazuh is ranked 3rd in Log Management with 38 reviews. ManageEngine Log360 is rated 7.2, while Wazuh is rated 7.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Splunk Enterprise Security, Fortinet FortiSIEM, LogRhythm SIEM and SolarWinds Security Event Manager , whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer. See our ManageEngine Log360 vs. Wazuh report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.