ManageEngine Log360 Reviews

Our primary case for this solution is log management and finding vulnerabilities. It has file server monitoring and we use it to oversee specific file paths from file servers. For a few of them, we also do servers, Linux, and syslogs from network devices. We are trying to add it to our Windows Server, and they inform us whenever there are changes in their PaaS. We deploy it on-premises.

We have found the FIM (file integration monitoring) feature valuable.

ManageEngine Log360 could be improved by including XDR, remediation and Sandbox. XDR can be different from other solutions because you don't just get logs, vulnerabilities or cyber threats. Also, SOA can be included as a type of security or phishing risk scam. Azure Sentinel has those features and it is a solution that can detect and remediate simultaneously. We can have a sandbox environment where we flag and simulate an attack. Hence, the system can be aware in case something happens.

We have been using this solution for approximately three years.

The solution is stable.

The solution is on-premises and does not need to be scaled.

We have had a fantastic experience with customer service and support.

We did not previously use other solutions.

The initial setup is straightforward. Deployment took approximately two days because the issue we had was getting credentials and importing devices into the solution. It will help if we have credentials from the server team, as required. The issues were in-house and not the solution application itself.

Implementation was done in-house. We require four teams for deployment and maintenance. The Server team, DevOps team, Active Directory team, and network team. That's why we only have four users because they can get into the solution and log in to see exactly what's going on.

The license is subscription-based and it is not expensive compared to other solutions.

I rate this solution eight out of ten. The solution is good and provides us with what we need, but it can be improved by including XDR, remediation and Sandbox.

If the client does not have much knowledge regarding the SOC and cyber, then ManageEngine Log360 is good because you can get default reports.

It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy.

It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system.

The on-premises solution is very slow. When I move to another tab inside Log360 or in the SIEM, even if my system is running on 36 GB and with a high processor, it takes a lot of time to get into the alert page or the search page.

It takes a long time to load a single page. With other solutions, such as Splunk, Securonix, Wazuh, I can quickly grab the details within seconds, but with ManageEngine, it takes a lot of time.

I've been using it for about four months.

Compared to the scalability of other solutions, ManageEngine Log360's scalability is average.

I have contacted technical support, and they solved a particular issue I was facing.

The initial setup was easy and not complex. One person can handle the deployment.

The deployment was done in-house.

My client has a yearly license. I think the cost is not expensive compared to that of other SIEMs, given the service it is providing.

Compared to other SIEMs, ManageEngine gives you the reports by default, which is good for small enterprises. Other solutions require one person to monitor user accounts. So, if your firm is not huge, then you can install ManageEngine Log360 to get password sharing and all other details.

I don't recommend using ManageEngine Log 360 in large organizations with more than 300 employees because they require certain compliance policies.

Overall, I would give this solution a six out of ten.

I like the product’s threat response and detection. I have seen the portal demo. The portal is very user-friendly compared to other solutions. The product is very user-friendly.

The solution lacks some features when compared to other products. It must add more features. Incident management for real-time scans must be improved a bit.

We are offering the solution to our customers.

I rate the tool’s stability an eight or ten out of ten. I haven't seen any bugs.

I rate the tool’s scalability a seven out of ten. The tool lacks some features. If those features are added, I would rate it a ten out of ten. One of our customers uses the solution. We get great feedback from them.

Most of our customers have a hybrid infrastructure.

We are looking for a solution that offers both on-premise and cloud versions. Someone with less experience using SIEM solutions must choose ManageEngine because it is very user-friendly. Overall, I rate the product an eight out of ten.

The solution needs to improve hub storage. It should integrate AI and ML capabilities. 

ManageEngine Log360 is not difficult to deploy. 

ManageEngine Log360 is expensive compared to other products. 

I rate the product a five out of ten. It is only an average solution. 

It is nice to be able to monitor and to have notifications.

Right now, we can't even get it to work. 

The support needs improvement.

The stability needs to be improved.

ManageEngine Log360 is not a stable solution. It needs improvement.

We have tickets in to get it fixed but we are not having a lot of luck.

I would rate ManageEngine Log360 a three out of ten.

We basically utilize the tool to monitor security events based on a logon process such as bad passwords, lockout, etc.

We are using its latest version. We just upgraded it over the weekend.

It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect.

Its pricing should be better. Pricing is definitely a big factor for us. 

Their technical support should also be improved.

I have been using this solution for about three years.

It is pretty stable. We haven't had any problems with the system. I don't use the tool as much as my team does, so I really couldn't get into the specifics. It does what we want in terms of staying in compliance. 

I'm not too familiar with its scalability.

I haven't had very good support from those guys.

I haven't used any other products, but I've heard of products like LogRhythm and Splunk, and they seem to be supreme to this particular product that we have.

Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.

I would rate ManageEngine Log360 a six out of 10. 

The reports that you can run are really nice. They give you a lot of standard reports, which are nice, and the ability to run some custom ones, too. It takes some intuitive thinking to use it, but overall it's generally user-friendly; although it takes some digging to find the report you're looking for — it's almost overkill by data.

They have been doing some webinars for their solutions that run-down through it, and those are actually quite helpful. What they're doing for their improvement is kind of nice. They're sending out a series of webinars and then you can log on and ask live questions to the engineers as they're taking you through the use of the product. I am actually finding that quite helpful.

I've had to go leaps and bounds, wondering where stuff was at. There's a lot of tabs to go through. There's a lot of information presented within the system and knowing where to go in it is taking that process through, like, "You go here, you look there, you see this here. Can you think of a use case where you would want to know that?" They ask those questions and they get responses in their webinars and I think that's quite valuable.

They're giving you an hour to go through it and they're covering most of the material in 45 minutes. They need to actually have the product explained a little bit better than just, "Here you go." I think Varonis is a little bit more, "Hey, these are the alerts you have." And then on the right, it drives you right to where you need to go. With ManageEngine, you need to actually have an idea of what you want to do with the information you're looking at. It doesn't drive you in the direction — that's a con. Varonis kind of drives you down. On the right, it gives you the event list and you can go through it and drive to the data on the individual alert. ManageEngine gives you the alert and then you need to know where to go. 

Because I haven't been using it long enough, I am not too sure what's missing. I am comparing it with Varonis. The two seem to be lining up a lot, but Varonis is a little bit better as it gives me real-time alerts for the file shares. It takes a little bit of time for Log360 to actually learn your environment. I am dealing with a lot of alerts that aren't exactly valid because it just doesn't know yet.

The learning environment time is a little bit lengthy, but I think it's necessary. Since Varonis was already in the environment, I have no idea how long that took for it to learn that behavior. It's hard for me to compare the two in that aspect, but that's what I'm dealing with. That's what I would expect somebody else to be dealing with if they just got the product and they didn't have anything.

I have been using ManageEngine Log360 for the past couple of months.

Overall, on a scale from one to ten, I would give ManageEngine a rating of eight. It gives me a lot of information. Without the webinars, I'd give it a seven.

If they improved their alerting capabilities, I'd give them a higher rating. For example, "Click here to drive down, and here are the recommended steps for evaluating this alert." If it did that, I would give it a rating of ten. That's really the thing that they need. They need to drive their traffic on their platform as opposed to you having to guess where to go.

The solution has many features that I like very much.

The user logs and files are great. The shuttle import is useful for imported logs and prices.

The reporting is great. Everything you need is in the report for you already.

The solution is quite large, which is useful for our level of business.

The matter of the data retention needs to be addressed.

The back-end, moving to a whole new server, needs the integration of the data already collected by this tool. Right now, this is lacking. I have some customers that have to collect data for a period of two years. That data needs to be mobile - and we are talking about two terabytes or three terabytes of logs. There's always a problem, where the old server is breaking or at the end of the life, and they need a whole new one and need to migrate, however, it is very hard to find a way to do this effectively.

In a future release, I would like to see some sort of feature that prepares one predefined installation. It would also be ideal if we could have separate servers for separate customers.

I would like to see that there are some items that are predefined, and some features to predefine some settings. For example, I would like to create some custom reports for customer complaints and be able to report the issues and put them into every part of the solution.

I've been using the solution for the last two years now.

The stability is good. We haven't had any issues with bugs or glitches. It doesn't crash or freeze. When we need to access our data to check on things we can easily.

The scalability is very good. Very nice. We have a distribution version for big IT environments in a global context. We can collect some old download data, to check them, from one place on one single server.

Our organization is quite large, and we have no trouble using this solution to manage the work.

We've dealt with technical support in the past. I can say with certainty they have been very good, and very professional. There has been no problem getting help from them when we need it. They're easy to work with. We're satisfied with the level of service they provide to us.

The initial setup was not complex. It was very straightforward. We didn't have any issues with the implementation.

How long it takes in total depends on if you are talking about a full deployment or just an installation. The more jobs, the more time it will take to configure the environment servers, and tasks of that nature. That's got to be solved. However, preparation for that part is most likely very easy and very simple for most organizations and should take perhaps six hours at a maximum.

I am a part-time partner and I am a unique distributor.

We're using the corporate version of the solution. It's the biggest version you can get.

I'd rate the solution nine out of ten. I'm waiting on a new feature they promised us int he third quarter. Other than that, the solution has worked quite well for me and offers almost everything I need.