We just raised a $30M Series A: Read our story

ManageEngine Log360 OverviewUNIXBusinessApplication

ManageEngine Log360 is the #7 ranked solution in our list of top User Behavior Analytics - UEBA tools. It is most often compared to ManageEngine EventLog Analyzer: ManageEngine Log360 vs ManageEngine EventLog Analyzer

What is ManageEngine Log360?

Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.

ManageEngine Log360 Buyer's Guide

Download the ManageEngine Log360 Buyer's Guide including reviews and more. Updated: October 2021

ManageEngine Log360 Customers

First Mountain Bank, TRA, Citadel Group, OnPoint Financial Corp, Florida Dept. of Transportation

ManageEngine Log360 Video

Pricing Advice

What users are saying about ManageEngine Log360 pricing:
  • "There is a cost for each feature used."
  • "Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved."

ManageEngine Log360 Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Babatunde-Olugbode
Technical Presales Engineer with self employed
Reseller
Top 10
Deployment is quite simple and straightforward and it has a good graphics interface

Pros and Cons

  • "The deployment is quite simple and pretty straightforward."
  • "Most times log sheets are not assigned well."

What is our primary use case?

I work with an organization that focuses on money management. So we usually deploy for organizations such as banks, pension providers, and major IT firms that are interested in this. I've even deployed for micro-finance banks.

People use it to analyze security event information from their servers. It could be from an IaaS server address. They get logs we didn't know how to interpret and it helps them to prioritize. When a device connects, after the analyzation it prompts the administrator depending on the server data entered into it.

What is most valuable?

Customers don't really complain about any particular feature. The deployment is quite simple and pretty straightforward. 

What needs improvement?

The only thing I'd say is to provide log sheets that accurately describe how this solution works. Most times log sheets are not assigned well. You need to contact your support or you need to go to marketing and I don't like that.

Also, a Cloud version would be a major breakthrough. I think it should be looked into because most organizations these days don't want to publish on servers. Also in terms of flexibility, I think a cloud version should be pushed.

Backups are very, very important. We had a situation where because cloud reliability is not 100% when we wanted the backup we needed to re-position the server. So instead of starting from the previous position completely, it would be nice if you could just take the file and install the same version of the ones you want because now if you want to run that backup, you must install the one that was going before. I should be able to replicate the same on another server. I should be able to pick the same file and go. So the backup process is not that easy and not that straightforward.

What do I think about the stability of the solution?

I've not really seen any bugs from my own experience. If you are looking at network devices where you might need the SMTP, VP version 1, version 2, or 3. I'm not sure the application supports SMTP version 3. I think they support 1 or 2. So that might also be looked into especially for network devices.

What do I think about the scalability of the solution?

It's scalable. 

In terms of licensing, it is scalable, as well. Before your clients can go in, first they have to say they want to buy a license. Then you have to get the number of licenses they want. How many administrators do they want to manage the application? So that would tell me what kind of license to buy. In that regard, it's not difficult. Though I've had some challenges in the past where it expired and maybe they just want to renew, something like that. A client is ready to go to the command, CMD, to go to the right tools. Then you go to the license that you applied for before. However, even then, it's not complex at all.

I have successfully deployed for two clients, one is a bank and the second one is a pension fund administrator.

How are customer service and technical support?

I have been in touch with the ManageEngine technical support. They have been amazing when it comes to helping. I remember there was a time I wanted to to see from one database to another and I was stuck. I was able to get a support request to them. They assisted me, they provided the documentation that I needed to follow through. I still had one or two challenges so I went to a remote session with them and they did it for me.

How was the initial setup?

The initial setup is straightforward. 

I've been trained with my organization to deploy this solution and other IT solutions. The deployment varies. It depends on the client. I tend to get clients that are not ready. Their credentials are not ready. Or they are giving credentials that are more of a privilege than is required. So it depends if everything is available. Then it is a maximum of three days to deploy no matter how complex or no matter how large the infrastructure is, and for every other device that you want to bring into the application to do proper monitoring. But most times you discover that the client is not ready, so it's not as simple as that, and you have to wait for around two months. Overall, the application is pretty simple. I can say that because I've installed it three times, as long as all the credentials needed are visible.

What other advice do I have?

The advice I'd give is that if you want to enjoy the solution to the optimal level is to make sure that the credentials are correct and not that you give the credential an expired password. In that regard, if you've on-boarded one or two devices with expired passwords, the application would not be able to approve them because it's not a tool to get information like that.

It's a very nice solution and the graphics interface speaks a lot to that. The different graphs for marks that you can use with color to make sure that you have what you want. You can convert right from the interface and you can choose the kind of report you want. Do you want it to be in PDF? Do you want to get it as CSV? It's pretty nice.

Then the other area that I want us to look at is if you are trying to get a certificate. There was a time we were trying to get the certificate and you had to go to the application to get it. Then you put it in and send that format to your certificate authority. Then bring it back or plug it in. But we didn't find it very straightforward.

I would rate it a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: distributor
PR
Information Systems Manager at a non-profit with 1-10 employees
Real User
Top 10
Consolidating and automatically sending reports has been useful in detecting network anomalies

Pros and Cons

  • "You can have all of the logs from servers to network and it gets sent out to the correct owners. This is very helpful."
  • "The graphical interface could be made easier to use when you are connecting to different network equipment."

What is our primary use case?

The primary use case of this solution to look for anomalies in our traffic to see if there is anything out of the ordinary. We don't have the resources to perform deep analysis. This solution provides us with a report of what is breaking the normal routine.

What is most valuable?

The most valuable features of this solution are the consolidating of the reports, being able to take action and send them to email several addresses. We can divide the graces to different co-workers. 

You can have all of the logs from servers to network and it gets sent out to the correct owners. This is very helpful. Previously, we had several different products provide different functions. For example, there would be one product for the servers, one for the network, and one for the firewall, whereas now we have everything consolidated.

What needs improvement?

The GUI needs to be improved. The graphical interface could be made easier to use when you are connecting to different network equipment. For the service it is straightforward. It is a hassle when you have different manufactures for switches and realtors. Simplifying the user interface would be very helpful.

There are issues with stability.

In the next release, I would suggest to include not only for enterprise-level switches but also small business-level switches in the system. Some of our offices experienced issues when they had both local switches. Also, simplify the interface when you are adding network equipment.

For how long have I used the solution?

I have been using this solution since July 2019.

We are using the most updated version, but I know that there will be another update available here in the spring.

What do I think about the stability of the solution?

We have experienced some issues when we do a re-start. 

The service can be delayed at its start. It varies from just a few minutes to 20 to 30 minutes. It does come on but it's very delayed at the start. It could be because I have all of my management products on the same server, and that could affect the starting time on it also. This has been the only buggy behavior that I have seen so far.

We have had a couple of issues when we run some cloud switches. At times, when you restart the server, you have to restart the switches afterward.

What do I think about the scalability of the solution?

This solution is scalable if you have the money for it.

How are customer service and technical support?

We currently have an open ticket in regards to the stability issues that we are experiencing, but I have only received a response that they are looking into it.

They are working on it, but they haven't had experience with the type of switch that we have. The one that we have is one of the smaller ones, and they only have the larger ones that they have been testing on.

The technical support is ok. They are quick in responding, within three to four hours you will receive a response.

Which solution did I use previously and why did I switch?

Previously we were using several small products, and some were in-house developed. We also had log forwarding (WEF) by Microsoft. It is an app that you can put on your server so that we can define what you want to forward to your email. The problem is that the report is not consolidated. It is per occurrence .

We also had the Cisco Firewall.

How was the initial setup?

The initial setup was rather straightforward.

What about the implementation team?

I did not use a vendor or an integrator. I did it myself.

What other advice do I have?

I purchased the Bulk Package which included the Log360 application. 

My advice would be to read the setup manual first and contact ManageEngine to assist you with any questions.

When we performed a test setup, we had some unknowns so we contacted ManageEngine. They got back to us with some advice on how to approach the issues. We were able to solve the issues on our end.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about ManageEngine Log360. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,267 professionals have used our research since 2012.
JP
IT Security Admin at a university with 501-1,000 employees
Real User
Top 5Leaderboard
A user-friendly log management and alerting solution

Pros and Cons

  • "The reports that you can run are really nice."
  • "It takes a little bit of time for Log360 to actually learn your environment."

What is most valuable?

The reports that you can run are really nice. They give you a lot of standard reports, which are nice, and the ability to run some custom ones, too. It takes some intuitive thinking to use it, but overall it's generally user-friendly; although it takes some digging to find the report you're looking for — it's almost overkill by data.

They have been doing some webinars for their solutions that run-down through it, and those are actually quite helpful. What they're doing for their improvement is kind of nice. They're sending out a series of webinars and then you can log on and ask live questions to the engineers as they're taking you through the use of the product. I am actually finding that quite helpful.

I've had to go leaps and bounds, wondering where stuff was at. There's a lot of tabs to go through. There's a lot of information presented within the system and knowing where to go in it is taking that process through, like, "You go here, you look there, you see this here. Can you think of a use case where you would want to know that?" They ask those questions and they get responses in their webinars and I think that's quite valuable.

They're giving you an hour to go through it and they're covering most of the material in 45 minutes. They need to actually have the product explained a little bit better than just, "Here you go." I think Varonis is a little bit more, "Hey, these are the alerts you have." And then on the right, it drives you right to where you need to go. With ManageEngine, you need to actually have an idea of what you want to do with the information you're looking at. It doesn't drive you in the direction — that's a con. Varonis kind of drives you down. On the right, it gives you the event list and you can go through it and drive to the data on the individual alert. ManageEngine gives you the alert and then you need to know where to go. 

What needs improvement?

Because I haven't been using it long enough, I am not too sure what's missing. I am comparing it with Varonis. The two seem to be lining up a lot, but Varonis is a little bit better as it gives me real-time alerts for the file shares. It takes a little bit of time for Log360 to actually learn your environment. I am dealing with a lot of alerts that aren't exactly valid because it just doesn't know yet.

The learning environment time is a little bit lengthy, but I think it's necessary. Since Varonis was already in the environment, I have no idea how long that took for it to learn that behavior. It's hard for me to compare the two in that aspect, but that's what I'm dealing with. That's what I would expect somebody else to be dealing with if they just got the product and they didn't have anything.

For how long have I used the solution?

I have been using ManageEngine Log360 for the past couple of months.

What other advice do I have?

Overall, on a scale from one to ten, I would give ManageEngine a rating of eight. It gives me a lot of information. Without the webinars, I'd give it a seven.

If they improved their alerting capabilities, I'd give them a higher rating. For example, "Click here to drive down, and here are the recommended steps for evaluating this alert." If it did that, I would give it a rating of ten. That's really the thing that they need. They need to drive their traffic on their platform as opposed to you having to guess where to go.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
SB
ME Product Engineer at a tech services company with 11-50 employees
Reseller
Top 10
Large sizing, good reporting and offers a great shuttle import feature

Pros and Cons

  • "The reporting is great. Everything you need is in the report for you already."
  • "The matter of the data retention needs to be addressed."

What is most valuable?

The solution has many features that I like very much.

The user logs and files are great. The shuttle import is useful for imported logs and prices.

The reporting is great. Everything you need is in the report for you already.

The solution is quite large, which is useful for our level of business.

What needs improvement?

The matter of the data retention needs to be addressed.

The back-end, moving to a whole new server, needs the integration of the data already collected by this tool. Right now, this is lacking. I have some customers that have to collect data for a period of two years. That data needs to be mobile - and we are talking about two terabytes or three terabytes of logs. There's always a problem, where the old server is breaking or at the end of the life, and they need a whole new one and need to migrate, however, it is very hard to find a way to do this effectively.

In a future release, I would like to see some sort of feature that prepares one predefined installation. It would also be ideal if we could have separate servers for separate customers.

I would like to see that there are some items that are predefined, and some features to predefine some settings. For example, I would like to create some custom reports for customer complaints and be able to report the issues and put them into every part of the solution.

For how long have I used the solution?

I've been using the solution for the last two years now.

What do I think about the stability of the solution?

The stability is good. We haven't had any issues with bugs or glitches. It doesn't crash or freeze. When we need to access our data to check on things we can easily.

What do I think about the scalability of the solution?

The scalability is very good. Very nice. We have a distribution version for big IT environments in a global context. We can collect some old download data, to check them, from one place on one single server.

Our organization is quite large, and we have no trouble using this solution to manage the work.

How are customer service and technical support?

We've dealt with technical support in the past. I can say with certainty they have been very good, and very professional. There has been no problem getting help from them when we need it. They're easy to work with. We're satisfied with the level of service they provide to us.

How was the initial setup?

The initial setup was not complex. It was very straightforward. We didn't have any issues with the implementation.

How long it takes in total depends on if you are talking about a full deployment or just an installation. The more jobs, the more time it will take to configure the environment servers, and tasks of that nature. That's got to be solved. However, preparation for that part is most likely very easy and very simple for most organizations and should take perhaps six hours at a maximum.

What other advice do I have?

I am a part-time partner and I am a unique distributor.

We're using the corporate version of the solution. It's the biggest version you can get.

I'd rate the solution nine out of ten. I'm waiting on a new feature they promised us int he third quarter. Other than that, the solution has worked quite well for me and offers almost everything I need.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
MohammadReza
IT Manager at a tech vendor with 51-200 employees
Real User
Top 5
Monitoring and good reporting of active directory activities

Pros and Cons

  • "The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
  • "We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot."

What is our primary use case?

The primary use case of this solution is for reports, file editing, Active Directory editing, and security alerting.

We monitor the action in the Active Directory. For example, if someone changes the password in the Active Directory or the password has failed in the login, or there is a change in policy, then we know which administrator has made the changes. 

We can see all of the reports from the Active Directory and the file server in Log360. It's a good application because the reports are good and it helps to find errors in the system.

What is most valuable?

The most valuable feature is that this solution is more secure than others, and there are more applications and features as well.

Another good feature is that we can install an application on another server and get a report on a single dashboard.

What needs improvement?

There are issues when we log into Log360 from the computer that is hosting the system. It does not connect to the Active Directory. For example, Linux cannot connect or log into Log360 with the Active Directory user. We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot.

For how long have I used the solution?

I have been using this solution for one year.

We are using the latest updated version.

What do I think about the stability of the solution?

This solution is stable, we have not had any crashes.

What do I think about the scalability of the solution?

This solution is scalable. We have 100 computers. Scaling up is not a problem.

We have four users in the IT department.

What's my experience with pricing, setup cost, and licensing?

There is a cost for each feature used.

What other advice do I have?

I would recommend this solution to others. I have a friend who has installed it.

I would rate this solution a ten out of ten, it's a very good application.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
JS
Director of Information Technology at a aerospace/defense firm with 501-1,000 employees
Real User
Top 20
Helpful for compliance, but pricing and support can be better

Pros and Cons

  • "It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
  • "Their technical support should be improved."

What is our primary use case?

We basically utilize the tool to monitor security events based on a logon process such as bad passwords, lockout, etc.

We are using its latest version. We just upgraded it over the weekend.

What is most valuable?

It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect.

What needs improvement?

Its pricing should be better. Pricing is definitely a big factor for us. 

Their technical support should also be improved.

For how long have I used the solution?

I have been using this solution for about three years.

What do I think about the stability of the solution?

It is pretty stable. We haven't had any problems with the system. I don't use the tool as much as my team does, so I really couldn't get into the specifics. It does what we want in terms of staying in compliance. 

What do I think about the scalability of the solution?

I'm not too familiar with its scalability.

How are customer service and technical support?

I haven't had very good support from those guys.

Which solution did I use previously and why did I switch?

I haven't used any other products, but I've heard of products like LogRhythm and Splunk, and they seem to be supreme to this particular product that we have.

What's my experience with pricing, setup cost, and licensing?

Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.

What other advice do I have?

I would rate ManageEngine Log360 a six out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
JK
Senior IT Support Analyst at a healthcare company with 51-200 employees
Real User
Top 5Leaderboard
Support is not responsive and the stability needs improvement

What is most valuable?

It is nice to be able to monitor and to have notifications.

What needs improvement?

Right now, we can't even get it to work.  The support needs improvement. The stability needs to be improved.

What do I think about the stability of the solution?

ManageEngine Log360 is not a stable solution. It needs improvement.

How are customer service and technical support?

We have tickets in to get it fixed but we are not having a lot of luck.

What other advice do I have?

I would rate ManageEngine Log360 a three out of ten.

What is most valuable?

It is nice to be able to monitor and to have notifications.

What needs improvement?

Right now, we can't even get it to work. 

The support needs improvement.

The stability needs to be improved.

What do I think about the stability of the solution?

ManageEngine Log360 is not a stable solution. It needs improvement.

How are customer service and technical support?

We have tickets in to get it fixed but we are not having a lot of luck.

What other advice do I have?

I would rate ManageEngine Log360 a three out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Download our free ManageEngine Log360 Report and get advice and tips from experienced pros sharing their opinions.