Try our new research platform with insights from 80,000+ expert users

ManageEngine EventLog Analyzer vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 29, 2024
 

Categories and Ranking

ManageEngine EventLog Analyzer
Ranking in Log Management
26th
Ranking in Security Information and Event Management (SIEM)
30th
Average Rating
7.6
Number of Reviews
11
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Ranking in Log Management
1st
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Number of Reviews
301
Ranking in other categories
IT Operations Analytics (1st)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of ManageEngine EventLog Analyzer is 1.0%, down from 1.3% compared to the previous year. The mindshare of Splunk Enterprise Security is 10.9%, down from 14.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Edu Edu - PeerSpot reviewer
Nov 15, 2023
Helps with remote logging but reports need to be more detailed
We use ManageEngine EventLog Analyzer for remote logging The tool's reports show activities. I would like to see more detailed reports. I have been working with the product for two years. I rate the tool's stability a ten out of ten. ManageEngine EventLog Analyzer is scalable. I rate it…
Sameep Agarwal. - PeerSpot reviewer
Oct 23, 2023
It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query
The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system. Splunk needs to be tweaked in JSON so you can limit what is coming from the endpoints, especially the events. One needs to filter that out so that only certain events are ingested, like login failures, Active Directory changes, password reset requests, privilege modifications, etc. Each Windows machine generates about 310 KB of information per event, but we can tweak that down to about 50 KB.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's one of the easiest products. It's very simple to use."
"The log management has helped to improve my organization."
"ManageEngine EventLog Analyzer is easy to gather reports to give to management. My supervisor has access to the solution and he enjoys the graphs."
"I have made use of technical support and am certainly very satisfied with them."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"The tool's reports show activities."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"The user interface is very good."
"I like Splunk's automated threat detection and orchestration capabilities. Splunk offers a single solution for analyzing, aggregating, correlating, monitoring, reporting, visualizing, etc. You can get all of these capabilities in one place. On top of that, it provides a cloud, testing, on-premise, and hybrid solution, giving customers more flexibility for their use cases."
"The solution allows easy gathering and ingestion of the data."
"Splunk Enterprise Security is a valuable tool that allows us to monitor data from the APS daily."
"It follows MITRE ATT&CK and Cyber Kill Chain frameworks. There are certain notable events for which we can configure our security posture."
"The alerts are very effective."
"Splunk setup is easy and straightforward. ​"
"We can do things in minutes instead of days."
"One key advantage of Splunk over competitors like IBM QRadar is its superior device integration capabilities."
 

Cons

"The scalability is limited."
"There's a lot to improve in terms of connectivity. Currently, we're utilizing it across various infrastructures and environments, including others' cloud. However, connecting it to our infrastructure and integrating it with some of our SMAX solutions poses difficulties."
"The first tier of customer service and support is not great."
"I would like to see more detailed reports."
"It may not be as easy to use as Splunk."
"Support could improve to make the solution better."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"What I'd like to see as an improvement to ManageEngine EventLog Analyzer is for it to be more AI-driven. Having more automation would also make the solution better."
"Having analysts put their notes directly within the investigation feature in the incident review would be beneficial."
"Splunk isn't appropriate for smaller companies. It's too expensive."
"They can improve their support teams. They can also improve their capability of ingesting data from different IoT sources."
"This solution could be improved by better pricing in general and by easier installation."
"A lot of people are averse to using new tools so if they make it even more user-friendly than it already is, I think that could go a long way."
"DMC should be a little more intuitive with better dashboarding. Seeing the cause of data flow can be tough to track down."
"I'd say I am happy with the technical support, not elated. They provide great support, but sometimes they don't have the answers that I need."
"When you get into large amounts of data, Splunk can get pretty slow. This is the same on-premise or AWS, it doesn't matter. The way that they handle large data sets could be improved."
 

Pricing and Cost Advice

"There is a yearly subscription for the solution."
"ManageEngine EventLog Analyzer is expensive. Its licensing costs are annual."
"There is a license required for these solutions. The customer can choose the license type, such as an annual license purchase or a perpetual license. If the customer wants maintenance they will have to pay annually."
"We paid for the license of the solution and the deployment. The price of ManageEngine EventLog Analyzer is less expensive than other solutions."
"Licensing for ManageEngine EventLog Analyzer is paid yearly."
"ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license."
"Splunk Enterprise Security is expensive. I would rate the cost an eight out of ten with ten being the most expensive."
"While Splunk is more expensive than other solutions, we would still choose it because of its capabilities."
"It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
"Splunk Enterprise Security is an expensive solution."
"As a team, we prefer the old pricing model with a perpetual license. We are still evaluating the whole subscription-based model."
"I think the price could be improved."
"The pricing modules could be improved."
"Splunk is definitely not a cheap solution. It is an expensive product."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
20%
Government
9%
Manufacturing Company
7%
Financial Services Firm
7%
Financial Services Firm
16%
Computer Software Company
14%
Government
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ManageEngine EventLog Analyzer?
The reporting features are noteworthy, as they provide templates that streamline the process of generating reports
What needs improvement with ManageEngine EventLog Analyzer?
There's a lot to improve in terms of connectivity. Currently, we're utilizing it across various infrastructures and environments, including others' cloud. However, connecting it to our infrastructu...
What is your primary use case for ManageEngine EventLog Analyzer?
We use ManageEngine EventLog Analyzer to collect logs from all our IT assets, including servers and databases. We utilize these logs to detect triggers, alerts, or security incidents related to Del...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

EventLog Analyzer
No data available
 

Overview

 

Sample Customers

Moody National Bank, EnCircle, Goldleaf Financial Solutions, Inc, IBM, Ernst & Young, Micro Linear, Silverbeck-Rymer Solicitors, Provincial Court of British Columbia, Eleventh Judicial Circuit of Florida, OGILVY & MATHER, E! Entertainment, Tribune-Review Publishing Co.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about ManageEngine EventLog Analyzer vs. Splunk Enterprise Security and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.