ManageEngine Log360 Reviews

ManageEngine Log360 was used as a central log collecting system from all Unix and Windows servers that our products resided on. Logs were collected to ManageEngine Log360 as a central log collecting system. For local regulations, logs were daily signed with a hash, though not all logs were included. The hash of the logs was signed with a timestamp and stored for 10 years.

The main benefits seen from using ManageEngine Log360 were the ability to fulfill the requirements of local regulations by collecting logs from all servers of all products. ManageEngine Log360 enabled signing logs with timestamps so that the non-changeability of the data within was guaranteed. It was a necessary tool that performed as expected.

ManageEngine Log360 could integrate with all systems, making it possible to integrate everything to the central location, which made it a useful and necessary tool.

Compliance management capabilities in ManageEngine Log360 were utilized, though not fully.

The alerting capabilities in ManageEngine Log360 needed work for creating alarms for the cases where alarms were needed and for prioritizing the alarms for criticality.

ManageEngine Log360 uses PostgreSQL as its own database but does not automatically parse and allow creation of alarms the way it does in MS SQL. There is less support in PostgreSQL than in MS SQL. The ability to create alarms based on parsed data in the same way MS SQL does would have been beneficial and would have saved considerable time. On the PostgreSQL side, it was not parsing much, which required a lot of manual work. This support is needed, and I am sure many companies need this support on PostgreSQL.

MS SQL features that were missing in ManageEngine Log360 that should be included in the future are those that automatically parse an MS SQL database and provide options for setting alarms. On the PostgreSQL side, this is not the same. At minimum, PostgreSQL support should reach the MS SQL level of features and support that ManageEngine Log360 presents.

ManageEngine Log360 was used for over two years.

ManageEngine Log360 was not used to its limits, so feedback about performance or resource consumption or whether it created a bottleneck cannot be reliably provided, because the traffic was not really up to the limits when it was being used.

The company as a customer did not interact much with ManageEngine's technical support. However, it is known that one or two times Vitel raised issues and requested support from the vendor.

Neutral

Involvement in the initial setup of ManageEngine Log360 was direct. Local support came from a Turkish company called Vitel. On the technical side, Vitel had really good technical support. They spoke the same language, and they were really competent in what they were doing. They provided good support throughout the setup and installation. After that, when problems or questions arose, contact with them provided answers.

ManageEngine Log360 was one of the most important criteria when choosing from many logging or SIEM products because it was really cost-effective.

When evaluating options, many products were searched over three years ago to see what else could be used. ManageEngine Log360 was one of the solutions, and with the features required and the price range, it was the most suitable one. It was chosen at that time.

The threat detection feature in ManageEngine Log360 cannot be accurately assessed because involvement in the project was at the management level rather than being hands-on technically.

ManageEngine Log360 did help with regulations that include GDPR, but another tool, a DLP tool, was used mostly for the GDPR part. Data had to be classified, and that tool was used mostly for GDPR and DLP rules to prevent classified data from leaving the system without control. ManageEngine Log360 was not heavily relied upon for that.

The user behavior analytics in ManageEngine Log360 is not well understood.

For regulatory reasons, the cloud version of ManageEngine Log360 could not be used, as it was not possible to use the cloud. The data and everything had to be kept on servers on-premise.

For someone looking for a similar solution today, the focus should first be on the features that ManageEngine Log360 offers and which features satisfy the needed requirements. Candidate products should be chosen based on the solutions they offer first. The second criteria should be the pricing. After seeing which products are viable candidates from a feature perspective, the prices should be reviewed to determine which is budget-wise friendly. Everyone should follow this same methodology by checking if the product is the right fit and throughout the right products, determining if it is the budget-wise friendly one.

The overall review rating for this solution is 8.

ManageEngine Log360 is being used for database monitoring and as a SIEM solution.

ManageEngine Log360 helps reduce some cybersecurity risks. The features being used were also available in AlienVault, so nothing particularly special stands out. The solution suits the budget and provides what is needed. ManageEngine Log360 was selected because AlienVault was moving strictly away from on-premises to the cloud, and an on-premises solution was required. ManageEngine Log360 provides the same capabilities that were being enjoyed with AlienVault. The support provided is fantastic.

ManageEngine Log360 could provide more in-depth insights, particularly in reporting. Some other solutions provide deeper insights into issues, especially when generating reports. More detailed insights should be included in the standard offering rather than requiring add-on modules. The reporting module may need to be purchased as an add-on to achieve this level of depth.

Without needing to purchase an add-on module, ManageEngine Log360 should include more in-depth reporting capabilities in the current module.

ManageEngine Log360 has been in use for going on three years, as AlienVault was used before this.

The stability of the product rates a nine out of ten.

Scalability rates a nine out of ten.

The support provided by ManageEngine Log360 is fantastic.

Positive

AlienVault was used before ManageEngine Log360. The transition was enjoyable with AlienVault, and ManageEngine Log360 provides the same capabilities needed.

The setup is simple. ManageEngine products are always simple to set up.

The purchase was made through a vendor rather than dealing directly with ManageEngine Log360.

Everything comes down to how the solution is configured. The solution has been configured to be enjoyed and provides value based on that configuration. The timeline feature is fantastic, but the outcome still depends on how the end user utilizes it. Reporting and notification features in ManageEngine Log360 are worth acknowledging. The overall rating given to this solution is a ten because it is a pocket-sized product that delivers significant value.

Overview
ManageEngine Log360 serves as a comprehensive log management solution designed to provide organizations with centralized visibility into their IT infrastructure. The platform's core functionality revolves around maintaining log servers while offering real-time insights into active users, server activities, and object interactions.

Key Use Cases

1. Enterprise Monitoring & Analytics
   • Enables organizations to perform standardized analysis of user and application activities
   • Particularly valuable for financial institutions (e.g., Bangladeshi banks) monitoring entity behavior
   • Detects abnormal commands and suspicious activities across the environment
2. Unified Log Management
   • Aggregates logs from diverse sources including:
     • Firewalls
     • Windows and Linux endpoints
     • Network infrastructure devices
   • Provides single-pane-of-glass visibility through a centralized management dashboard

Critical Features

• Advanced Monitoring Capabilities
  • Tracks all system activities including:
    • Group Policy Object (GPO) modifications
    • Organizational Unit (OU) and user group changes
  • Monitors access to sensitive data and identifies potential security risks
• User Behavior Analytics (UBA)
  • Flags anomalous user activities through intelligent pattern recognition
  • Enables quick identification of potential security incidents
  • Provides entity-specific segregation for targeted investigation
• Smart Log Processing
  • Automatically processes thousands of daily logs
  • Implements intelligent filtering to highlight critical events
  • Reduces manual review requirements through:
    • Priority-based log segregation
    • Automated email alerts for significant events

Administrative Benefits
The solution's administrator dashboard offers comprehensive system oversight, with particular strengths in Microsoft 365 event log analysis. This centralized management capability represents one of the platform's most valuable aspects for enterprise customers.

Conclusion
ManageEngine Log360 delivers robust log management with specialized capabilities in security monitoring and user behavior analysis. Its ability to consolidate logs from heterogeneous environments while reducing alert fatigue through intelligent filtering makes it particularly suitable for organizations requiring enterprise-grade security monitoring without excessive administrative overhead.

As an integrator, we’ve deployed Log360 for 5+ clients. Key benefits:

✅ Centralized monitoring – All logs (AD, firewalls, endpoints) in one dashboard
✅ Faster troubleshooting – Root cause analysis for lockouts/errors now takes minutes vs. hours
✅ UEBA alerts – Detects risky user/device behavior automatically
✅ Compliance ready – Pre-built templates for GDPR/PCI audits

Challenges: Needs proper setup (2-3 weeks) and alert tuning. Best for orgs with dedicated IT teams.
*Key metrics: 60-70% faster incident resolution, 90% fewer manual log reviews*

Most Valuable Features of ManageEngine Log360 and Their Benefits

1. User Behavior Analytics (UBA)
   • Why valuable: The UBA module provides exceptional visibility into user activities across the network, enabling detection of anomalous behavior that could indicate security threats. Its machine learning algorithms establish baseline behavior patterns and flag deviations, helping identify potential insider threats or compromised accounts much faster than manual monitoring.
   • Practical impact: Reduces investigation time for security incidents by automatically correlating suspicious activities across multiple systems.
2. Modular, Customizable Architecture
   • Why valuable: The solution's flexible design allows organizations to select only the components they need (like UBA, Microsoft 365 monitoring, or Azure integration), making it cost-effective and avoiding feature bloat.
   • Market advantage: This modular approach has made Log360 particularly popular in Bangladesh, where organizations can tailor the solution to their specific requirements and budget constraints.
3. Compliance Reporting Engine
   • Why valuable: Comes with pre-configured templates for major regulations (GDPR, PCI DSS, local standards) that can be customized without coding expertise.
   • Operational benefit: Saves significant time during audits by automatically generating compliance reports that meet exact organizational requirements.
4. Agentless Monitoring Technology
   • Why valuable: The agentless architecture simplifies deployment and reduces maintenance overhead while still providing comprehensive log collection.
   • Technical advantages:
     • Enables real-time log filtering without impacting system performance
     • Provides seamless communication between workstations and the central server
     • Generates immediate alerts for critical errors or security events
   • Administrative benefit: System administrators can easily configure exactly which logs to monitor without worrying about agent deployment or compatibility issues.
5. Unified Dashboard Interface
   • Why valuable: Consolidates data from multiple sources (network devices, servers, cloud services) into a single, actionable view.
   • Efficiency gain: Eliminates the need to switch between multiple monitoring tools, significantly improving incident response times.

Implementation Benefits Observed:

• Organizations can start with basic log management and add advanced features like UBA as their security maturity grows
• The solution scales effectively from mid-sized businesses to large enterprises
• Reduces the total cost of ownership compared to using multiple point solutions
• Particularly effective for organizations with hybrid (cloud + on-premises) environments

The combination of these features provides a balance of advanced security capabilities, operational flexibility, and cost efficiency that makes Log360 stand out from competing solutions in the market. Its ability to grow with an organization's needs while maintaining ease of use has been particularly valuable for our clients across various industries.

1. Enhanced Cloud Integration

Current Gap:

Log360 lacks native integration with Microsoft Intune and cloud-based Active Directory (Azure AD), limiting visibility for organizations transitioning to hybrid or fully cloud environments.

Requested Improvements:

Direct Intune Log Collection: Ability to ingest and correlate logs from Intune-managed devices to monitor compliance, device health, and security policies.

Azure AD Deep Integration: Support for Azure AD audit logs, conditional access events, and identity protection alerts to provide end-to-end visibility.

Cloud Workload Monitoring: Extend coverage to SaaS applications (e.g., Microsoft 365, AWS, GCP) for unified threat detection.

Why It Matters:

Many clients have migrated from on-prem AD to cloud-first setups this year. Without cloud-native log collection, critical security events (e.g., rogue Intune policies or Azure AD breaches) go unmonitored.

2. Improved Automation and Response

Current Gap:

Limited automated remediation (e.g., auto-isolating compromised devices) forces manual intervention.

Requested Features:

Playbook Automation: Pre-built workflows to auto-resolve common issues (e.g., disabling users after brute-force attacks).

SOAR Integration: APIs to connect with SIEM/SOAR platforms (e.g., Splunk, Palo Alto Cortex) for escalated threat response.

I have been working with Log360 for around three plus years.

This is a stable product.

The solution is scalable. The technical support from ManageEngine is very good. A couple of months ago, one of our clients faced a disaster in their system. We backed up the database and completed the recovery with the application, proving it is reliable for disaster recovery. They primarily store backups and do not rely on a whole integrated application, but disaster recovery is available with this application being scalable.

The technical support from ManageEngine is very good. The solutions they provide are valuable, and I would rate their technical support as nine out of ten.

We are happy with the integration capabilities of ManageEngine Log360 because we have worked with Cisco and IBM log solutions, and this is much better than those two solutions. From a cost perspective in Bangladesh, this is a very popular solution.

It is easy to install; anyone can do it with just one CD, and they can easily utilize the system.

There is a return on investment; when an administrator utilizes this solution, they can easily assess their operational level. If unauthorized personnel attempt to add logs, the monitoring informs the administrator, enabling them to act promptly, leading to savings in both time and money for the company.

The price is suitable from a perspective of different pricing options. We already have an ongoing project where some features analytics can be escaped, and companies can manage their budgets carefully to purchase what they need.

Prior to implementing ManageEngine Log360, we conducted a thorough comparative analysis of several leading SIEM and log management solutions in the market. Our evaluation specifically included:

1. Cisco Secure Network Analytics (formerly Stealthwatch)
   • Strengths: Strong network visibility and threat detection
   • Limitations:
     • Complex deployment requiring significant infrastructure changes
     • Higher total cost of ownership for our clients
     • Less intuitive interface for non-technical users
2. IBM QRadar
   • Strengths: Powerful correlation engine and enterprise-scale capabilities
   • Limitations:
     • Steeper learning curve for administrators
     • Overly complex for mid-sized organizations
     • Substantially higher licensing costs

Key Differentiators of ManageEngine Log360:

• Superior Cost-Effectiveness: Particularly important for the Bangladeshi market where IT budgets are often constrained
• Easier Integration: More seamless connectivity with diverse systems commonly used by our clients
• User-Friendly Interface: Reduced training requirements compared to Cisco/IBM solutions
• Local Market Fit: Better alignment with the technical requirements and compliance needs of regional organizations

Decision Factors:

1. Total Cost of Ownership: Log360 provided the best balance of features and affordability
2. Implementation Speed: Faster deployment timeline compared to enterprise alternatives
3. Ongoing Management: Lower maintenance overhead for client IT teams
4. Scalability: Flexible licensing suitable for organizations of varying sizes

While Cisco and IBM solutions remain excellent for large enterprises with dedicated security teams, ManageEngine Log360 proved to be the optimal choice for the majority of our clients in terms of both functionality and economic viability in the Bangladeshi context.

As a System Engineer and service provider, I’ve observed critical trends in how organizations deploy Log360, along with key opportunities for improvement:

1. Cloud Adoption is Inevitable – Log360 Must Adapt

• Current Gap: While 90% of our clients still use on-premises logging, cloud migration is accelerating. Many lack Azure solutions, but will need them soon.
• Recommendation: Enhance native Azure integration (beyond basic API connectivity) to support:
  • Azure AD and Microsoft Defender for Endpoint logs
  • Intune compliance and device management events
  • Auto-discovery of cloud workloads to simplify onboarding

2. Hybrid Deployment Flexibility

• Current Strength: Log360 excels in on-prem environments, but hybrid setups need refinement.
• Advice: Introduce a unified licensing model for mixed on-prem/cloud deployments to avoid cost penalties during transition.

3. Compliance Reporting – A Standout Feature

• Why It Works: Pre-built templates for GDPR, PCI DSS, and local regulations save hours of manual work.
• Suggestion: Add real-time compliance dashboards (not just reports) to help teams monitor adherence continuously.

4. From my end Rating: 9/10 

We primarily use it for network-wide event monitoring and incident backtracking. It helps us identify what events caused certain incidents and understand how they happened.

It's also useful for incident tracking and investigating.

Having a functional event and log analyzer is crucial for any organization, especially considering ISO mandates. It has helped us meet those requirements and integrate all our functional-level needs. It has greatly facilitated our daily operations and compliance.

The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities, including printers. It's extremely useful for daily operations.

There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk. Another area that needs improvement is the integration of various technologies. Currently, they don't cover most of the major technology domains, leaving out significant coverage.

Moreover, there are many additional features I would like to see. One feature would be an automated workflow for report downloading and sending it to relevant individuals. 

Additionally, there should be event triggers to identify and handle duplicated events. It would be helpful to have AI-driven technology to differentiate between real and false alerts, as we receive numerous false positives. Not every event is critical, so an intelligent analysis, such as behavior-driven or logic-based, should be incorporated to suppress unnecessary alerts.

So, I want to decrease false positive instances. I would like to see a significant decrease in false positives based on intelligent analysis. The analysis could be behavior-driven or based on any logical approach, but it should be incorporated into the system.

We have been using this solution for three years. The version we use is the Logs and Event Log Analyzer.

It is a stable solution. I would rate it an eight out of ten.

Scalability is purely license-based. So I would rate the scalability a six out of ten. 

Moreover, it's not just the license; there are also some technological limitations. It doesn't support all brands of devices; only a limited set is supported. 

If we need to add something new, we have to request it from the engineering team, and they assess whether it's doable or not. If it is, then it goes into a queue for development and gets added in a new update. So, it depends on that.

It's mainly monitored by one or two people as a tool that oversees the entire network. In our organization, it's primarily used for capturing information. If someone needs details about a specific duration, the admin of the tool can log in and provide the necessary information.

It can assist in investigations, incident analysis, trend analysis, and more. It's used 24/7. We utilize its maximum potential.

Mostly, we are satisfied with the support. However, there are times when we require development for something that is not in the system, which can cause delays and require more coordination.  

But the regular support is fast.

Neutral

We used SolarWinds. We switched to ManageEngine Log360 because there was a significant security incident worldwide related to SolarWinds. I believe it happened in the US Pentagon, and many organizations were affected. It was around 2018 or 2019.

We evaluated OP5 as well, but ManageEngine Log360 is comparatively cheaper. It is also simpler to use compared to OP5. In terms of features and meeting our specific requirements, ManageEngine Log360 offered a better fit than Splunk. 

We needed multiple functionalities within the ManageEngine suite, and Log360 fulfilled most of our requirements. The only downside was the reporting feature, but overall, it provided the capabilities we needed. Splunk, on the other hand, is primarily focused on log management and reporting.

The initial setup was not easy. I would rate my experience with the initial setup a three out of ten, where one is difficult, and ten is easy.

Even with a technical background, you would need expertise in each area to map it for their specific technology. Each technology has its own configuration process.

For us, it took around two weeks to deploy ManageEngine Log360.

Software deployment is straightforward, but the configuration to meet our specific requirements took significant time. We had to work with individuals from different areas like applications, systems, networks, and databases. It took around two weeks due to the dependencies and customization involved. There is no way to bring a pre-installed solution.

The deployment required the involvement of around four to five people with different job roles, such as application admins, system admins, server admins, network admins, and database admins.

However, only the vendor provides maintenance under an active Annual Maintenance Contract (AMC). The vendor performs regular checks and upgrades and manages incidents. We have multiple applications in our suite, and the vendor manages the maintenance for all of them.

ROI wasn't an issue. The basic requirements are being met, so the returns on investment were already captured within the first two years of implementation. 

The main concern is how advanced and competitive it is compared to other players in the market. That's where it falls short. 

Otherwise, the return on investment is 80% within the two-year investment period.

I would rate the pricing a four out of ten, where one is low price and ten is high price. It is affordable. The price is fixed, there are no additional costs to the standard license. 

We were using SolarWinds. But, we moved to ManageEngine.

I would suggest evaluating other solutions. I am not very happy with this solution.

Overall, I would rate the solution a six out of ten. There are some shortcomings in terms of technology that haven't been addressed yet, as well as reporting. 

Additionally, there are false positives, and there's an accumulation of irrelevant data over time, which is not what we expect to see.

I use ManageEngine Log360 to manage company alerts. It is used in the security part, looking for issues in Active Directory and performing various tasks in Office 365.

Using ManageEngine Log360 has been a significant improvement for our company because it consolidates multiple tools into a single platform. This allows us to monitor various aspects, such as login times, network failures, and helpdesk attendance, that were previously unmanageable with older tools.

My main objective for using ManageEngine Log360 is its powerful and real-time capabilities for managing security and other tasks efficiently.

While ManageEngine Log360 is a significant improvement, there could be enhancements in terms of integrating more user-friendly training materials and better deployment documentation.

I have been using ManageEngine Log360 for quite some time.

I have not experienced any stability issues with ManageEngine Log360.

I believe the customer support team at ManageEngine is excellent, providing timely assistance and helping us solve problems effectively.

Positive

The initial setup was not very difficult. Although I did not do it personally, it seems that the deployment process was straightforward and completed in a short time.

The cost is medium. It is not very expensive and not very cheap. It seems to be a good price for the range of tools it provides.

ManageEngine Log360 is an excellent tool for managing various security tasks efficiently. It is user-friendly and easy to learn, making it suitable for users in the company.

The solution helps us identify and manage any security-related incidents in the environment. It collects logs from various sources in the IT department, including end-user devices, antivirus software, UTM, firewall box in our data center, and server logs. It also gathers Aneesh's IP device logs from our network monitoring. Log360 brings all logs from different devices into a single platform and then runs intelligence to detect patterns of attacks. This allows us to set up automation rules so that we can take appropriate actions if such patterns are detected in the future. For instance, we can isolate a machine or a user account from our Active Directory and send alert emails to the IT admin, network admin, or CEO, depending on the nature of the incident. This automation capability allows us to respond promptly and effectively to various security incidents, blocking many routine attacks beyond the protection offered by antivirus software.

Deploying ManageEngine Log360 is challenging in terms of knowledge. They offer some out-of-the-box configurations, but determining the specific firewall or antivirus in use and importing logs from various software sources can be complex.

There is a need for more automation in such solutions, moving towards single-click deployments with minimal configurations. This would be more efficient than setting up complex systems, waiting for log collection, identifying issues, and relying on security experts to analyze logs and configure tools for future attacks. Incorporating more intelligence into the system could significantly improve this process, although the exact method remains unclear due to the evolving nature of cyber threats.

I have been using ManageEngine Log360 for three years.

The product is stable.

The solution's scalability is good.

We have about two admins monitoring the situation with a small IT setup and a single office. The product doesn't depend on the number of end users. It depends on the number of admins managing the system. If there are multiple locations, multiple offices, and different policies for different offices, then each office would need one or two users.

Customer support provides efficient email-based support globally. If you subscribe to their licenses, you receive basic email support. You get a response within a business day or a few business hours. If you subscribe to their support services, you gain access to a higher level of support tailored to the more hands-on assistance that enterprises often require.

If you only acquire a license, ManageEngine won't engage in remote assistance for the installation and configuration. Instead, they may provide installation videos for self-guidance. However, if you lack extensive knowledge about the product or the field, you may need hands-on help. You can pay for ManageEngine's services or engage partners like us in such cases. This system is well-established and ensures comprehensive support as needed.

The product is good and worth the investment. It's crucial to have a skill set that can be used appropriately. Having a central skill set is required in-house because security is an evolving threat regardless of the user or team using the solution. If they don't keep up with the latest threats, understand how to protect their environment, and comprehend incidents, they won't be able to utilize any system effectively.

Before exploring ManageEngine Log360, it's essential to understand how attacks happen in an IT environment. Many people purchase and deploy solutions in their environment to fulfill compliance requirements and claim safety, treating it as a checkbox exercise. However, the real essence lies in understanding security incidents and how they occur, including the exploits in common systems like Linux and Windows and the typical methods hackers employ to exploit these vulnerabilities. Someone with the knowledge can maximize the utility of Log360 by creating custom rules that thwart easy access to these exploits.

Log360 is an excellent product that provides a wealth of functionality out of the box, suitable for both smaller and larger enterprises. It proves adequate for a variety of use cases and workloads. Furthermore, it boasts an intuitive and easy-to-understand interface, supported by a substantial online library on SaaS cleaning and an active community that readily offers assistance. Comparatively, Log360 stands out due to its excellent support, stability, and straightforward installation and usage processes.

Overall, I rate the solution an eight out of ten.

We usually use this solution as a pro system for purchasing and holiday approvals. They're usually a public system with MyCheck. We also use the repo system, including investing, and search systems for the organization.

The Sharecon feature is the most valuable. 

The integration with SharePoint and Teams should be improved. 

It is a stable solution. 

It is a scalable solution. 

They provide specialized support and PAMPC, application support, like a finance system. This is in addition to database system support, and telephone support like WordPress and Cisco.

Neutral

I see a return on investment. 

Affordable pricing is provided by the solution. 

Overall I rate the solution seven out of ten. 

This is a module we use for our CM for the logging aspect.

We are collecting logs from our firewalls and we are collecting logs from the antivirus site. We are using Bitdefender for that. We are going to be implementing it so that all the logs flow through that mechanism, of course. Right now, these two are being planned at once.

Right now, we are still learning so I don't feel too comfortable saying something about the product very confidently. That said, everything's going fine. 

It is a combined toolset, ManageEngine. We can use a single toolchain for more than one purpose altogether and manage them from one administrative console. It's combined everything and will probably make some things easier for us.

The price is decent.

It is user-friendly.

We haven't had any stability issues.

It can scale.

The support has been great.

We are always facing more difficulties right now because we are learning.

On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits. We discussed this, and they said it is for diagnostic purposes only. Those logs won't be uploaded or regarded as a base of information for the client. That is only when you have difficulty when you face a problem. 

Yet changing them manually won't affect the server side, that client's life, or the knowledge of the life of that client. It will, however, be better if all of them are encrypted, and then the support side of the product can get the encrypted log files from us and decrypt and investigate. That way, we wouldn't have to tell ourselves and the auditors and then convince them that is not a vulnerability.

We have recently started using the solution. We are building up the system and have about two months of experience.

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze.

While we haven't scaled yet, it doesn't look like it will give us trouble if and when we decide to expand. 

Right now, we have about 15 clients on the solution. Those are permanent. And then we are using some temporary resources. They are using different clients from time to time. On the server side, we have 20-something virtual servers that are investigated or under the control of those applications.

Technical support is exceptional in Turkey. Our local support team is a distributor and they offer very good support.

Positive

I haven't used a different solution at this organization, although I have used other products in other companies. I wasn't responsible for choosing this solution.

The initial setup is a little bit straightforward and a little bit complex. 

The basic deployment took like one or two days. That said, the details, at least in the current space, took a couple of days. I can't say that we are in a fully implemented or fully configured just yet. We have a lot more work ahead of us.

The configuration part of it looks easy, however, when you try to get familiar with a new product, you have to learn the basics of that product. That's the problem we are facing now. I can't say it's a very complicated, overly complicated application. It's quite user-friendly.

After just two months, it is hard to say how much maintenance will be required. 

We got some support from the support side of the product, including the local support team. However, we managed to set it up, and install it in-house.

They have provided us with a good trial period and a decent overall price compared to the other options.

I'm not 100% sure of the exact cost.

We did evaluate other options. The function set, pricing, and trial period they could provide us with were great.

We are using the latest, most up-to-date version of the solution. 

I didn't face any big issues with it up to now. That said, I'm a new user. I don't know in the long term if we will have more negatives after seeing some problems. Up until now, everything's fine.

I'd rate the solution eight out of ten.

Our primary case for this solution is log management and finding vulnerabilities. It has file server monitoring and we use it to oversee specific file paths from file servers. For a few of them, we also do servers, Linux, and syslogs from network devices. We are trying to add it to our Windows Server, and they inform us whenever there are changes in their PaaS. We deploy it on-premises.

We have found the FIM (file integration monitoring) feature valuable.

ManageEngine Log360 could be improved by including XDR, remediation and Sandbox. XDR can be different from other solutions because you don't just get logs, vulnerabilities or cyber threats. Also, SOA can be included as a type of security or phishing risk scam. Azure Sentinel has those features and it is a solution that can detect and remediate simultaneously. We can have a sandbox environment where we flag and simulate an attack. Hence, the system can be aware in case something happens.

We have been using this solution for approximately three years.

The solution is stable.

The solution is on-premises and does not need to be scaled.

We have had a fantastic experience with customer service and support.

We did not previously use other solutions.

The initial setup is straightforward. Deployment took approximately two days because the issue we had was getting credentials and importing devices into the solution. It will help if we have credentials from the server team, as required. The issues were in-house and not the solution application itself.

Implementation was done in-house. We require four teams for deployment and maintenance. The Server team, DevOps team, Active Directory team, and network team. That's why we only have four users because they can get into the solution and log in to see exactly what's going on.

The license is subscription-based and it is not expensive compared to other solutions.

I rate this solution eight out of ten. The solution is good and provides us with what we need, but it can be improved by including XDR, remediation and Sandbox.

If the client does not have much knowledge regarding the SOC and cyber, then ManageEngine Log360 is good because you can get default reports.

It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy.

It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system.

The on-premises solution is very slow. When I move to another tab inside Log360 or in the SIEM, even if my system is running on 36 GB and with a high processor, it takes a lot of time to get into the alert page or the search page.

It takes a long time to load a single page. With other solutions, such as Splunk, Securonix, Wazuh, I can quickly grab the details within seconds, but with ManageEngine, it takes a lot of time.

I've been using it for about four months.

Compared to the scalability of other solutions, ManageEngine Log360's scalability is average.

I have contacted technical support, and they solved a particular issue I was facing.

The initial setup was easy and not complex. One person can handle the deployment.

The deployment was done in-house.

My client has a yearly license. I think the cost is not expensive compared to that of other SIEMs, given the service it is providing.

Compared to other SIEMs, ManageEngine gives you the reports by default, which is good for small enterprises. Other solutions require one person to monitor user accounts. So, if your firm is not huge, then you can install ManageEngine Log360 to get password sharing and all other details.

I don't recommend using ManageEngine Log 360 in large organizations with more than 300 employees because they require certain compliance policies.

Overall, I would give this solution a six out of ten.