Features | ManageEngine Log360 | ArcSight Enterprise Security Manager (ESM) | |
---|---|---|---|
Log collection | |||
Agent-less | |||
Agent-based | |||
Cross platform log collection |
ArcSight ESM must be used in conjunction with ArcSight Data Platform or any collection system that uses Common Event Format (CEF) |
||
Reports | |||
File integrity monitoring | |||
Canned reports | |||
Custom reports | |||
Scheduled reports | |||
Report distribution via email | |||
Reports in PDF, CSV, and HTML formats | |||
Drill down to raw logs | |||
Filter using mouse gesture | |||
Management specific reports (Ask ME) | |||
Trend reports | |||
Privileged user activity monitoring reports | |||
Log search | |||
Advanced search using Boolean, wildcards, grouped search, range search, phrase search | |||
Formatted logs search | |||
Raw logs search | |||
Compliance reports | |||
Canned reports |
ESM optional package (Compliance Automation and Reporting) |
||
Customizing existing reports |
ESM optional package (Compliance Automation and Reporting) |
||
Creating new compliance reports |
ESM optional package (Compliance Automation and Reporting) |
||
PCI-DSS |
ESM optional package (Compliance Automation and Reporting) |
||
HIPAA |
ESM optional package (Compliance Automation and Reporting) |
||
Heterogeneous server/device support | |||
Import logs | |||
Periodical import of logs | |||
Log filter | |||
Custom log parsing and indexing | |||
Log collection and processing rate | 20,000 logs/second with peak event handling capacity up to 25,000 logs/second. For Windows event logs the EPS is 2000 logs/second. | Not specified | |
Log formats supported | |||
Windows event log | |||
Syslog | |||
Any format – with custom log parsing and indexing | |||
Amazon Web Services (AWS) EC2 Instance | |||
Application logs supported | |||
Proprietary applications
|
|||
Database applications: [Oracle Audit, MS SQL Server] |
|||
Any application – with custom log parsing and indexing | |||
Other devices supported | |||
Custom devices [IBM AS400 (iSeries), VMware] | |||
Custom devices
|
|||
Alerts and notifications | |||
Real-time alerts | |||
Notification: Email and SMS | |||
Run automated scripts as alert response | |||
Compliance alerts | |||
In-built incident management module | |||
Forward tickets to external help desk software | |||
Threat intelligence | |||
Real-time alerts for global blacklisted IPs intruding the network. | |||
FISMA |
ESM optional package (Compliance Automation and Reporting) |
||
SOX |
ESM optional package (Compliance Automation and Reporting) |
||
GLBA |
ESM optional package (Compliance Automation and Reporting) |
||
ISO 27001 |
ESM optional package (Compliance Automation and Reporting) |
||
Real-time event correlation | |||
Event correlation | |||
Field-level filters to build correlation rules | |||
Pre-defined rules to detect various attacks, including ransomware, brute-force and more | |||
User session monitoring | |||
File Integrity Monitoring | |||
Reports on file integrity monitoring | |||
Report scheduling | |||
Real-time alerts when critical changes are made to files/folders that are being monitored | |||
Audit trail on file/folder changes | |||
Log archiving | |||
Flexible periodicity | |||
Flexible retention | |||
Secured (Encrypted) | |||
Service Provider feature | |||
User based views | |||
User based dashboards | |||
Rebranding | |||
User Management | |||
Realm & user based access. | |||
Active Directory (AD) based user authentication | |||
RADIUS server based user authentication. | |||
Other Key Features | |||
Incident workflows | |||
UEBA | |||
Risk Assessment | Not specified | ||
Advanced threat analytics | |||
Implementation | |||
Easy to install |
(Requires optional packages for functionalities) |
||
Web based Client | |||
Appliance based | |||
System Requirements | |||
Bundled database (PostgreSQL/MySQL) | Not specified | ||
Windows & Linux platforms support | |||
64 Bit support | |||
Pricing | |||
Pricing basis | Based on the number of servers, devices and applications. | Not specified | |
Annual licensing model | Not specified | ||
Perpetual licensing model | Not specified |
Log360 is a simple yet powerful security information and event management (SIEM) solution that can help enterprises overcome network security challenges and strengthen their cybersecurity posture. The solution helps you mitigate security threats, spot ongoing attack attempts, detect suspicious user activities, and comply with regulatory mandates.
For more information about Log360, please visit www.manageengine.com/log-management/
Disclaimer: ManageEngine does not guarantee the accuracy of any information presented in this document, and there is no commitment, expressed or implied, on ManageEngine’s part to update or otherwise amend this document. The furnishing of this document does not provide any license to patents, trademarks, copyrights or other intellectual property rights owned or held by ManageEngine.