2019-12-25T08:21:00Z

What needs improvement with ManageEngine Log360?

Julia Miller - PeerSpot reviewer

15 Answers

Aneesh Mangla - PeerSpot reviewer
Real User
Top 10
2024-01-04T11:41:00Z
Jan 4, 2024

Deploying ManageEngine Log360 is challenging in terms of knowledge. They offer some out-of-the-box configurations, but determining the specific firewall or antivirus in use and importing logs from various software sources can be complex. There is a need for more automation in such solutions, moving towards single-click deployments with minimal configurations. This would be more efficient than setting up complex systems, waiting for log collection, identifying issues, and relying on security experts to analyze logs and configure tools for future attacks. Incorporating more intelligence into the system could significantly improve this process, although the exact method remains unclear due to the evolving nature of cyber threats.

AK
Real User
Top 5
2023-11-30T09:17:15Z
Nov 30, 2023

The solution lacks some features when compared to other products. It must add more features. Incident management for real-time scans must be improved a bit.

CL
Real User
Top 20
2023-09-21T14:38:00Z
Sep 21, 2023

The integration with SharePoint and Teams should be improved.

PO
Real User
Top 5 Leaderboard
2023-09-04T07:30:00Z
Sep 4, 2023

The solution needs to improve hub storage. It should integrate AI and ML capabilities.

JS
Real User
Top 5 Leaderboard
2023-07-12T14:45:10Z
Jul 12, 2023

There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk. Another area that needs improvement is the integration of various technologies. Currently, they don't cover most of the major technology domains, leaving out significant coverage. Moreover, there are many additional features I would like to see. One feature would be an automated workflow for report downloading and sending it to relevant individuals. Additionally, there should be event triggers to identify and handle duplicated events. It would be helpful to have AI-driven technology to differentiate between real and false alerts, as we receive numerous false positives. Not every event is critical, so an intelligent analysis, such as behavior-driven or logic-based, should be incorporated to suppress unnecessary alerts. So, I want to decrease false positive instances. I would like to see a significant decrease in false positives based on intelligent analysis. The analysis could be behavior-driven or based on any logical approach, but it should be incorporated into the system.

Burak Karakurt - PeerSpot reviewer
Real User
Top 10
2022-10-27T14:38:28Z
Oct 27, 2022

We are always facing more difficulties right now because we are learning. On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostic purposes. However, both being encrypted would be very valuable for some audits. We discussed this, and they said it is for diagnostic purposes only. Those logs won't be uploaded or regarded as a base of information for the client. That is only when you have difficulty when you face a problem. Yet changing them manually won't affect the server side, that client's life, or the knowledge of the life of that client. It will, however, be better if all of them are encrypted, and then the support side of the product can get the encrypted log files from us and decrypt and investigate. That way, we wouldn't have to tell ourselves and the auditors and then convince them that is not a vulnerability.

BB
Real User
Top 20
2022-10-04T20:26:08Z
Oct 4, 2022

ManageEngine Log360 could be improved by including XDR, remediation and Sandbox. XDR can be different from other solutions because you don't just get logs, vulnerabilities or cyber threats. Also, SOA can be included as a type of security or phishing risk scam. Azure Sentinel has those features and it is a solution that can detect and remediate simultaneously. We can have a sandbox environment where we flag and simulate an attack. Hence, the system can be aware in case something happens.

Vishal Rajavat - PeerSpot reviewer
Real User
Top 20
2022-08-30T13:27:09Z
Aug 30, 2022

It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system. The on-premises solution is very slow. When I move to another tab inside Log360 or in the SIEM, even if my system is running on 36 GB and with a high processor, it takes a lot of time to get into the alert page or the search page. It takes a long time to load a single page. With other solutions, such as Splunk, Securonix, Wazuh, I can quickly grab the details within seconds, but with ManageEngine, it takes a lot of time.

JK
Real User
2021-08-25T19:22:00Z
Aug 25, 2021

Right now, we can't even get it to work. The support needs improvement. The stability needs to be improved.

JS
Real User
2021-07-13T14:35:05Z
Jul 13, 2021

Its pricing should be better. Pricing is definitely a big factor for us. Their technical support should also be improved.

JP
Real User
2021-01-18T10:07:19Z
Jan 18, 2021

Because I haven't been using it long enough, I am not too sure what's missing. I am comparing it with Varonis. The two seem to be lining up a lot, but Varonis is a little bit better as it gives me real-time alerts for the file shares. It takes a little bit of time for Log360 to actually learn your environment. I am dealing with a lot of alerts that aren't exactly valid because it just doesn't know yet. The learning environment time is a little bit lengthy, but I think it's necessary. Since Varonis was already in the environment, I have no idea how long that took for it to learn that behavior. It's hard for me to compare the two in that aspect, but that's what I'm dealing with. That's what I would expect somebody else to be dealing with if they just got the product and they didn't have anything.

SB
Reseller
2020-08-30T08:33:25Z
Aug 30, 2020

The matter of the data retention needs to be addressed. The back-end, moving to a whole new server, needs the integration of the data already collected by this tool. Right now, this is lacking. I have some customers that have to collect data for a period of two years. That data needs to be mobile - and we are talking about two terabytes or three terabytes of logs. There's always a problem, where the old server is breaking or at the end of the life, and they need a whole new one and need to migrate; however, it is very hard to find a way to do this effectively. In a future release, I would like to see some sort of feature that prepares one predefined installation. It would also be ideal if we could have separate servers for separate customers. I would like to see that there are some items that are predefined, and some features to predefine some settings. For example, I would like to create some custom reports for customer complaints and be able to report the issues and put them into every part of the solution.

PR
Real User
2020-01-07T06:27:00Z
Jan 7, 2020

The GUI needs to be improved. The graphical interface could be made easier to use when you are connecting to different network equipment. For the service it is straightforward. It is a hassle when you have different manufacturers for switches and realtors. Simplifying the user interface would be very helpful. There are issues with stability. In the next release, I would suggest to include not only for enterprise-level switches but also small business-level switches in the system. Some of our offices experienced issues when they had both local switches. Also, simplify the interface when you are adding network equipment.

MR
Real User
2020-01-07T06:27:00Z
Jan 7, 2020

There are issues when we log into Log360 from the computer that is hosting the system. It does not connect to the Active Directory. For example, Linux cannot connect or log into Log360 with the Active Directory user. We can log in as a local user, and it's fine, but when we log in with an Active Directory user, we cannot.

Babatunde-Olugbode - PeerSpot reviewer
Real User
2019-12-25T08:21:00Z
Dec 25, 2019

The only thing I'd say is to provide log sheets that accurately describe how this solution works. Most times log sheets are not assigned well. You need to contact your support or you need to go to marketing and I don't like that. Also, a Cloud version would be a major breakthrough. I think it should be looked into because most organizations these days don't want to publish on servers. Also in terms of flexibility, I think a cloud version should be pushed. Backups are very, very important. We had a situation where because cloud reliability is not 100% when we wanted the backup we needed to re-position the server. So instead of starting from the previous position completely, it would be nice if you could just take the file and install the same version of the ones you want because now if you want to run that backup, you must install the one that was going before. I should be able to replicate the same on another server. I should be able to pick the same file and go. So the backup process is not that easy and not that straightforward.

Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.