We performed a comparison between Fortinet FortiSIEM and ManageEngine EventLog Analyzer based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"The event correlation is pretty robust. The GUI is pretty good."
"The product's initial setup phase was easy."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"We have many application systems, and I can set up Fortinet FortiSIEM for users to monitor their systems."
"We find the solution to be stable."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"The initial setup is straightforward"
"The tool's reports show activities."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"The reporting features are noteworthy, as they provide templates that streamline the process of generating reports"
"It is stable."
"I have made use of technical support and am certainly very satisfied with them."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"The stability of the product is an area of concern where improvements are required."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"Fortinet FortiSIEM could improve by having a signature update."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"The challenge I face with Fortinet FortiSIEM is the lack of support."
"Not very good on non-API features, lacks that functionality."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"The solution should improve on its log capturing capabilities."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"The scalability is limited."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."
"It may not be as easy to use as Splunk."
"Support could improve to make the solution better."
"The first tier of customer service and support is not great."
More ManageEngine EventLog Analyzer Pricing and Cost Advice →
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while ManageEngine EventLog Analyzer is ranked 23rd in Security Information and Event Management (SIEM) with 11 reviews. Fortinet FortiSIEM is rated 7.6, while ManageEngine EventLog Analyzer is rated 7.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ManageEngine EventLog Analyzer writes "Modular software that seamlessly integrates with other applications and provides good technical support". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Meraki Dashboard, whereas ManageEngine EventLog Analyzer is most compared with ManageEngine Log360, Fortinet FortiAnalyzer, Wazuh, SolarWinds Kiwi Syslog Server and SolarWinds Log Analyzer. See our Fortinet FortiSIEM vs. ManageEngine EventLog Analyzer report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.