Try our new research platform with insights from 80,000+ expert users

ManageEngine Log360 vs Microsoft Sentinel comparison

ManageEngine and Microsoft are both solutions in the Security Information and Event Management (SIEM) category. ManageEngine is ranked #19 with an average rating of 7.3, while Microsoft is ranked #3 with an average rating of 8.4. ManageEngine holds a 1.9% mindshare in SIEM, compared to Microsoft’s 8.6% mindshare. Additionally, 69% of ManageEngine users are willing to recommend the solution, compared to 93% of Microsoft users who would recommend it.
ManageEngine Log360
Read 16 ManageEngine Log360 reviews
  • 2,788 Views
  • 1,956 Comparison Views
69% willing to recommend
Microsoft Sentinel
Read 89 Microsoft Sentinel reviews
  • 15,671 Views
  • 9,346 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

ManageEngine Log360 and Microsoft Sentinel are leading security information and event management (SIEM) solutions. Microsoft Sentinel seems to have the upper hand due to its advanced features and AI capabilities, although it comes at a higher cost.

Features: ManageEngine Log360 users value its comprehensive event logging, easy integration with various systems, and cost-effectiveness. Microsoft Sentinel users highlight its advanced analytics, AI capabilities, and comprehensive security monitoring. Microsoft Sentinel presents a more robust feature set despite its complexity.

Room for Improvement: ManageEngine Log360 needs improvements in scalability, reporting functionalities, and user interface. Microsoft Sentinel requires better documentation, simplified initial setup, and more user-friendly navigation. Each product has distinct areas where improvements are needed.

Ease of Deployment and Customer Service: ManageEngine Log360 generally receives positive feedback for straightforward deployment and responsive customer support. Microsoft Sentinel's deployment can be more challenging due to its complexity, though users commend its robust support services.

Pricing and ROI: ManageEngine Log360 is praised for its cost-effectiveness and quicker ROI by many users. Microsoft Sentinel, while perceived as more expensive, justifies its cost through powerful capabilities and long-term value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ManageEngine Log360 vs. Microsoft Sentinel Report (Updated: December 2024).
Buyer's Guide
ManageEngine Log360 vs. Microsoft Sentinel
December 2024
Download the complete report
Helped 831,997 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ManageEngine Log360
Ranking in Security Information and Event Management (SIEM)
19th
Average Rating
7.4
Reviews Sentiment
6.9
Number of Reviews
16
Ranking in other categories
Log Management (24th), User Entity Behavior Analytics (UEBA) (10th)
Microsoft Sentinel
Ranking in Security Information and Event Management (SIEM)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
89
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (5th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of January 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ManageEngine Log360 is 1.9%, down from 2.0% compared to the previous year. The mindshare of Microsoft Sentinel is 8.6%, down from 10.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Julio Cesar De Faria Junior - PeerSpot reviewer
Real-time security management with potential for enhanced training materials
I use ManageEngine Log360 to manage company alerts. It is used in the security part, looking for issues in Active Directory and performing various tasks in Office 365 Using ManageEngine Log360 has been a significant improvement for our company because it consolidates multiple tools into a single…
Read full review
KrishnanKartik - PeerSpot reviewer
Every rule enriched at triggering stage, easing the job of SOC analyst
It's a Big Data security analytics platform. Among the unique features is the fact that it has built-in UEBA and analytical capabilities. It allows you to use the out-of-the-box machine learning and AI capabilities, but it also allows you to bring your own AI/ML, by bringing in your own IPs and allowing the platform to accept them and run that on top of it. In addition, the SOAR component is a pay-per-use model. Compared to any other product, where customization is not available, you can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today. Other vendors charge heavily for the SOAR, but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer. The SOAR engine also uniquely helps us to automate most of the incidents with automated enrichment and that cuts out the L1 analyst work. And combining M365 with Sentinel, if you want to call it integration, takes just a few clicks: "next, next finish." If it is all M365-native, it is a maximum of three or four steps and you'll be able to ingest all the logs into Sentinel. That is true even with AWS or GCP because most of the connectors are already available out-of-the-box. You just click, put in your subscription details, include your IAM, and you are finished. Within five to six steps, you can integrate AWS workloads and the logs can be ingested into Sentinel. When it comes to a third party specifically, such as log sources in a data center or on-premises, we need a log collector so that the logs can be forwarded to the Sentinel platform. And when it comes to servers or something where there is an agent for Windows or Linux, the agent can collect the logs and ship them to the Sentinel platform. I don't see any difficulties in integrating any of the log sources, even to the extent of collecting IoT log sources. Microsoft Defender for Cloud has multiple components such as Defender for Servers, Defender for PaaS, and Defender for databases. For customers in Azure, there are a lot of use cases specific to protecting workloads and PaaS and SaaS in Azure and beyond Azure, if a customer also has on-premises locations. There is EDR for Windows and Linux servers, and it even protects different kinds of containers. With Defender for Cloud, all these sources can be seamlessly integrated and you can then track the security incidents in Microsoft's XDR platform. That means you have one more workspace, under Azure, not Defender for Cloud, where you can see the security incidents. In addition, it can be integrated with Sentinel for EDR deep-dive analytics. It can also protect workloads in AWS. We have customers for whom we are protecting their AWS workloads. Even EKS, Elastic Kubernetes Service, on AWS can be integrated, as can the GKE (Google Kubernetes Engine). And with Defender for Cloud, security alert ingestion is free
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The reporting is great. Everything you need is in the report for you already."
"ManageEngine Log360 is not difficult to deploy."
"It is nice to be able to monitor and to have notifications."
"The solution could be improved by including XDR, remediation and Sandbox."
"The Sharecon feature is the most valuable."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"The reports that you can run are really nice."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
More ManageEngine Log360 pros
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
More Microsoft Sentinel pros
 

Cons

"On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"The matter of the data retention needs to be addressed."
"It is not expensive compared to other solutions."
"The solution lacks some features when compared to other products."
"Their technical support should be improved."
"Most times log sheets are not assigned well."
"We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot."
More ManageEngine Log360 cons
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"The product can be improved by reducing the cost to use AI machine learning."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"The pricing could be improved."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"The reporting could be more structured."
More Microsoft Sentinel cons
 

Pricing and Cost Advice

"Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved."
"My client has a yearly license. I think the cost is not expensive compared to that of other SIEMs, given the service it is providing."
"There is a cost for each feature used."
"Affordable pricing is provided by the solution."
"ManageEngine Log360 is expensive compared to other products."
"Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
"The combination of the ease of accessibility and the free cost of the service is great. But we buy storage based on our events per second and on how many sources are integrated into the solution."
"Sentinel can be expensive. When you ingest data from sources that are outside of the cloud, you're paying a fair amount for that data ingestion. When you're ingesting data sources from within the cloud, depending on what your retention periods are, it's not that expensive."
"We only pay for the amount of data we bring in, which is fair."
"Sentinel is costly compared to other solutions, but it's fair. SIEM solutions like CrowdStrike charge based on daily log volume. They generally process a set number of logs for free before they start charging. Microsoft's pricing is clearer. It's free under five gigabytes. Some of these logs we ingest have a cost, so they don't hide it. I believe the tenant pays the price, and Microsoft helps create awareness of the cost."
"Sentinel is fairly priced and pretty cost-effective."
"Microsoft Sentinel is expensive."
"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
More Microsoft Sentinel pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
831,997 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Government
9%
Financial Services Firm
8%
Manufacturing Company
6%
Computer Software Company
16%
Financial Services Firm
11%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ManageEngine Log360?
The product is very user-friendly.
See all answers
What is your experience regarding pricing and costs for ManageEngine Log360?
The cost is medium. It is not very expensive and not very cheap. It seems to be a good price for the range of tools it provides.
See all answers
What needs improvement with ManageEngine Log360?
While ManageEngine Log360 is a significant improvement, there could be enhancements in terms of integrating more user-friendly training materials and better deployment documentation.
See all answers
Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
 

Comparisons

ManageEngine EventLog Analyzer vs ManageEngine Log360 Logo
ManageEngine EventLog Analyzer vs ManageEngine Log360
Compared 21% of the time
Wazuh vs ManageEngine Log360 Logo
Wazuh vs ManageEngine Log360
Compared 16% of the time
Splunk Enterprise Security vs ManageEngine Log360 Logo
Splunk Enterprise Security vs ManageEngine Log360
Compared 14% of the time
Fortinet FortiSIEM vs ManageEngine Log360 Logo
Fortinet FortiSIEM vs ManageEngine Log360
Compared 6% of the time
Rapid7 InsightIDR vs ManageEngine Log360 Logo
Rapid7 InsightIDR vs ManageEngine Log360
Compared 4% of the time
More ManageEngine Log360 Competitors
AWS Security Hub vs Microsoft Sentinel Logo
AWS Security Hub vs Microsoft Sentinel
Compared 21% of the time
IBM Security QRadar vs Microsoft Sentinel Logo
IBM Security QRadar vs Microsoft Sentinel
Compared 10% of the time
Cortex XSIAM vs Microsoft Sentinel Logo
Cortex XSIAM vs Microsoft Sentinel
Compared 8% of the time
Wazuh vs Microsoft Sentinel Logo
Wazuh vs Microsoft Sentinel
Compared 6% of the time
Google Chronicle Suite vs Microsoft Sentinel Logo
Google Chronicle Suite vs Microsoft Sentinel
Compared 5% of the time
More Microsoft Sentinel Competitors
 

Product Reports

Buyer's Guide
ManageEngine Log360
January 2025
ManageEngine Log360 reportDownload ManageEngine Log360 product report
Buyer's Guide
Microsoft Sentinel
January 2025
Microsoft Sentinel reportDownload Microsoft Sentinel product report
 

Also Known As

No data available
Azure Sentinel
 

Overview

Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.

ManageEngine

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft
 

Sample Customers

First Mountain Bank, TRA, Citadel Group, OnPoint Financial Corp, Florida Dept. of Transportation
Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Buyer's Guide
ManageEngine Log360 vs. Microsoft Sentinel
December 2024
Free Report: ManageEngine Log360 vs. Microsoft Sentinel
Find out what your peers are saying about ManageEngine Log360 vs. Microsoft Sentinel and other solutions. Updated: December 2024.
DOWNLOAD NOW
831,997 professionals have used our research since 2012.
See our ManageEngine Log360 vs. Microsoft Sentinel report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.