??? pgHead ???

Frequently asked questions

  • General
  • Pricing and licensing
  • Installation
  • Connectivity
  • Components and their integrations
  • Services
  • Log collection
  • Updates and upgrades
  • Demos, podcasts, and more
  • Support


What is Log360?

Log360 is ManageEngine's comprehensive security information and event management (SIEM) solution. Log360 can monitor your entire network, provide visibility on crucial security events, and help you detect and mitigate security threats at an early stage. Log360 can also help you meet various compliance regulations such as the PCI DSS, HIPAA, SOX, the GDPR, and more.

Why Log360?

Log360 is a comprehensive SIEM solution that can be used by enterprises of all sizes across different industries. Below are the unique selling propositions of the solution:

  • Single console for monitoring and securing your entire IT infrastructure
  • Easy to deploy, manage, upgrade, and scale up
  • Wide-range of out-of-the-box report and alert profiles
  • Advanced attack mitigation capabilities: cutting-edge analytics, threat intelligence, and response workflows
  • Affordable pricing: you pay for only what you need by licensing and enabling components as per your requirements

Log360 has been positioned in the Gartner Magic Quadrant for SIEM for five years in a row. Read the latest report here.

What are the components of Log360?

Log360 is an integrated SIEM solution with components and modules focused on securing different parts of your infrastructure.

Listed below are the components of Log360:

  • Log monitoring for the network perimeter, servers, applications, and security solutions
  • Real-time Active Directory auditing
  • Public cloud log management and auditing
  • Reporting on Active Directory risks
  • Machine-learning-based analytics and risk scoring
  • File auditing, data loss prevention, and risk assessment
  • Dedicated monitoring for Microsoft 365
  • Dedicated monitoring of Exchange Servers

What are the key features of Log360?

Log360's key features are listed below:

Pricing and licensing

How is Log360 licensed?

Licensing is based on the log sources and add-ons required. Pricing is based on the number of:

  • Domain controllers
  • Member servers
  • Applications
  • Syslog devices
  • Workstations

The following add-ons are available for addressing specific needs:

  • SQL and IIS auditing
  • File integrity monitoring (FIM)
  • Exchange auditing
  • Microsoft 365 auditing
  • UEBA
  • Advanced threat analytics

Refer to Log360 license components to learn more about the various components and their pricing criteria.

Get a quote now.

Can I get a personalized quote?

Yes, please fill out this form to get a personalized quote that best suits your requirements.

What's the difference between the Free edition and the Premium edition?

The Free edition supports only a limited number of log sources and has restricted capabilities. In the Premium edition, there is no limit in the number of log sources that can be supported and all features can be accessed without any restrictions. Learn more about the differences between the Free and Premium Editions.

Is there a trial license available for Log360?

Yes, download the fully functional 30-day trial version here. The 30-day free trial version will automatically be converted to the Free edition after the evaluation period.

How do I extend the trial license?

If you are interested in exploring the solution more before making a purchase decision, fill out this form to extend your evaluator license.

If I bought a member server license in ADAudit Plus, will I be able to monitor the same server in EventLog Analyzer, too? Or do I need to get a separate license ?

When you buy the auditing license for a member server in ADAudit Plus, you will be able to monitor the same server in EventLog Analyzer, too.

The member servers added for auditing will be automatically synchronized with EventLog Analyzer without any additional license.

Can I choose not to buy the auditing component of Log360? Will the log management component function alone?

Yes. You can choose to un-integrate any of the components from Log360. To remove any components:

  • Go to Admin > Corresponding component.
  • Click Remove to remove the corresponding component.


How do I install Log360?

Log360 can be downloaded here. Log360 can be installed as an application (by default) or as a Windows service. The standard installation downloads all the components of Log360. Alternatively, you can customize the installation by choosing the components of Log360 that you would like to download.

What are the system requirements for Log360?

Click here for the complete list of system requirements for installing and working with Log360.

Can you recommend some best practices for installation of Log360?

Best practices for installation of Log360 can be found in this guide.

How to secure the installation of Log360

Best practices for securing your installation can be found in this guide.


Can Log360 be accessed over the internet?

Yes. Once Log360 has been deployed and started, the web client can be accessed from anywhere.

Which web browsers are supported by Log360?

ManageEngine Log360 requires one of the following browsers to be installed on the system to access the Log360 web client.

  • Microsoft Edge
  • Firefox 4 and above
  • Chrome 10 and above
  • Safari 5 and above

Components and their integrations

I have already deployed EventLog Analyzer in my environment. Why should I get Log360?

EventLog Analyzer is a log management solution. While this component takes care of log collection, analysis, and secured storage, it doesn't offer the complete security that Log360 provides for your network. Log360 protects your network by:

  • Helping you proactively hunt for security threats.
  • Ensuring the security of data and resources on the cloud.
  • Monitoring user behavior and spotting suspicious Active Directory changes.
  • Providing a holistic security monitoring dashboard that presents data from Exchange Server, Microsoft 365, Active Directory, and a lot of other critical network infrastructure.

I have ADAudit Plus already deployed in my environment. Why should I get Log360?

While ADAudit Plus takes care of Active Directory change monitoring, user behavior analysis, it isn't enough to protect your network from attacks. Log360 helps you:

  • Detect, mitigate, and contain external security threats with its threat intelligence platform.
  • Analyze user and entity behavior exhaustively with advanced ML-based behavioral analytics.
  • Track, triage, and respond to security incidents effectively.
  • Conduct forensic analysis and prepare incident investigation reports.
  • Secure data and resources on your cloud platform.
  • Get a holistic security view of your network by bringing together data from different critical infrastructure such as the Exchange servers, Microsoft 365 applications, and more.

What are synced hosts?

Any device or server added in one component of Log360 will be automatically synchronized with the other component. These devices or servers are called synced hosts.

For instance, when you add a member server in the ADAudit Plus component of Log360, the server will be automatically synchronized with EventLog Analyzer components as well. In this case, that particular member server is a synced host.

I'm running Log360. However, I haven't purchased any of the auditing components yet. Now I want to try them out. How do I purchase and integrate them with Log360?

Once you have Log360 in place, at any point of time you can purchase and integrate these auditing components: ADAudit Plus, M365 Manager Plus and Exchange Reporter Plus.

All you need to do is get the corresponding license of these auditing components by contacting us. Once you've purchased the license, follow the below steps:

  • Apply the license file in the product.
  • Go to Admin > ADAudit Plus.
  • Click Update.

The ADAudit Plus component will now be integrated. You can follow the same steps for M365 Manager Plus and Exchange Reporter Plus.

How do I synchronize ADAudit Plus hosts with that of EventLog Analyzer?

All the hosts between ADAudit Plus and EventLog Analyzer will be automatically synchronized everyday at 12 am. If you need to sync the host manually:

  • Click the Admin tab.
  • Go to the Log360 Integration window.
  • Click Sync Now in the top-right corner of the window.

The hosts will now be integrated automatically.

Can I remove any component from Log360? Will the solution still be functional?

Yes. At any point of time, you can remove any one of the components from Log360. To do so, follow the below steps:

  • Go to the Admin tab and corresponding component tab.
  • Click Remove.

This will remove the corresponding component.

What is the difference between the ADManager Plus module in Log360 and the standalone edition of ADManager Plus?

The Active Directory reporting component of Log360 is a variant of standalone ManageEngine ADManager Plus, a comprehensive AD management and reporting solution.

While Log360's component brings in the security-related AD information such as data about permissions and changes to user roles, the standalone solution takes care of entire AD management and reporting needs of enterprises. Click here for the complete list of differences between the standalone edition and Log360's add-on.

What is the difference between the M365 Manager Plus module in Log360 and the standalone edition of M365 Manager Plus?

M365 auditing or reporting in Log360 primarily brings in the security auditing data of Microsoft 365 whereas the standalone solution helps you manage Microsoft 365 applications. Click here for the complete list of features supported by the M365 Manager Plus module in Log360 compared to those of the standalone edition.

What is the difference between the Exchange Reporter Plus module in Log360 and the standalone edition of Exchange Reporter Plus?

While the Exchange reporting and auditing module of Log360 supports dedicated reporting and auditing of Exchange Servers, the standalone edition helps you manage hybrid Exchange and Skype for Business. Click here for the complete list of features supported by the Exchange Reporter Plus module in Log360 compared to those of the standalone edition.


Is there a cloud version of Log360 available?

Yes, Log360 Cloud is a cloud-based log management solution for monitoring activities and detecting security threats in your network. This solution allows security teams to aggregate, store, and manage logs from various network devices on a secure cloud platform, helping them to cut down on their IT storage spending and achieve their IT security and compliance objectives.

Which databases are supported by Log360?

Log360 supports the following databases:

      Bundled with the product:

    • PostgreSQL

      External databases:

    • Microsoft SQL Server 2000
    • Microsoft SQL Server 2005
    • Microsoft SQL Server 2008
    • Microsoft SQL Server 2012
    • Microsoft SQL Server 2017

Click here for the complete list of system requirements for installing and working with Log360.

Can you describe Log360's architecture ?

Click here to view the complete solution architecture.

How do I uninstall Log360?

To uninstall Log360, follow the below steps:

  • Go to Control Panel.
  • Click Log360 and then Uninstall.
  • Select EventLog Analyzer and/or ADAudit Plus — whichever component is selected will be uninstalled. If you select both the components, then Log360 will be completely uninstalled.

Please let us know why Log360 didn't work out for your organization. We really appreciate your feedback.

Log collection

What are the various log sources supported by Log360?

Log360 supports a wide range of log sources out-of-the-box. Additionally, logs from legacy systems and in-house applications can be parsed using the custom log parser. Below are the commonly added log sources to Log360:

  • Domain controllers
  • Windows and Unix servers
  • Workstations
  • Databases
  • Network devices: firewalls, IDS/IPS, routers, switches
  • File systems
  • Security solutions such as vulnerability scanners and threat solutions
  • Cloud infrastructure such as AWS, Azure, and Google Cloud Platform
  • SaaS such as Microsoft 365 and Salesforce

For the complete list of supported log sources, click here.

Updates and upgrades

Will Log360 be updated automatically?

By default, Log360's auto updating capability is disabled. Manually enable it to keep Log360 automatically updated to the latest version.

If I update Log360, would it update all the individual components in Log360?

No, you need to update the individual components separately with their respective service packs.

Can we upgrade an individual component to Log360?

Yes, an individual component can be upgraded to Log360. If you are already using one of the components of Log360, you can easily license the other components and upgrade your Log360 installation. The components can be integrated in the Admin Settings of Log360.

Demos, podcasts, and more

Can I get a personalized demo?

Yes, fill out this form to schedule a personalized web demo with our product experts. If you would like to try your hands on the fully functional online demo, click here.

Is there an online demo available?

Yes, click here to explore the fully functional online demo of Log360.

How do I register for the podcast series?

Click here to sign up for and listen to our latest podcast series.

How do I register for upcoming virtual seminars?

Click here to sign up and join our upcoming virtual seminars.


How do I contact the Log360 support team?

If you need technical assistance, you can contact our support team by filling out this form.

You can also contact us at:
Toll-free numbers: US: +1.844.649.7766
UK: 0800.028.6590
AUS: 1800.631.268
CN: +86.400.660.8680
Intl: +1.925.924.9500
Direct dialing number US: +1.408.352.9254
Email: support@log360.com

Can I make a suggestion for a new feature?

Yes, fill this form to make a suggestion for a new feature you would like to see in our future releases of Log360.

Didn't see your question above? You can email us at support@log360.com or reach out to us on our community where you can find other frequently asked questions along with use cases, resources, and information about our latest releases and features.