We performed a comparison between AlienVault OSSIM and ManageEngine EventLog Analyzer based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The analytic rule is the most valuable feature."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The product is easy to use."
"The paid version of the solution has reporting and better scalability options."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"Better than other SIEM solutions because almost everything can be integrated."
"You can customize the dashboards as well as the reporting."
"Asset discovery is good."
"The most valuable features of this solution are the data correlation and vulnerability assessment."
"The tool's reports show activities."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"The log management has helped to improve my organization."
"The initial setup is straightforward"
"The user interface is very good."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"It is stable."
"It's one of the easiest products. It's very simple to use."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The product can be improved by reducing the cost to use AI machine learning."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"AlienVault OSSIM should improve the deployment and make it unified like the USM."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"We need more dashboards and we need more customization for dashboards."
"The user interface needs to be friendlier across the board."
"GUI could be improved."
"The price of this solution is very high and it could be cheaper."
"The correlation engine needs to be improved."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"The scalability is limited."
"I would like to see more detailed reports."
"The solution should improve on its log capturing capabilities."
"Support could improve to make the solution better."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"There's a lot to improve in terms of connectivity. Currently, we're utilizing it across various infrastructures and environments, including others' cloud. However, connecting it to our infrastructure and integrating it with some of our SMAX solutions poses difficulties."
More ManageEngine EventLog Analyzer Pricing and Cost Advice →
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 27 reviews while ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 11 reviews. AlienVault OSSIM is rated 7.4, while ManageEngine EventLog Analyzer is rated 7.6. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and LogRhythm SIEM, whereas ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and Datadog. See our AlienVault OSSIM vs. ManageEngine EventLog Analyzer report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.