Support
 
Support Get Quote
 
 
 
 

EventLog Analyzer vs. AlienVault Unified Security Management

 
Vs.
 

This document provides a feature-wise comparison report between ManageEngine EventLog Analyzer and AlienVault. Comparison done here is based on the information available in the competitor’s website and so the details may vary with the real product.

ManageEngine EventLog Analyzer is a comprehensive log management solution that helps you to automate log management, log collection, analysis, event correlation, file integrity monitoring, log search and archiving to meet the compliance and SIEM needs from a single console

AlienVault Unified Security Management (USM) is an integrated SIEM module that includes three components viz., Server – that centrally stores and processes the log data, Sensors – the agents that discover assets and collect log data, and Logger – the component that performs log analysis which helps you to meet the SIEM needs.

EventLog Analyzer is your solution to a better AlienVault alternative

Feature Comparison

Feature Description [ Close All ] [ Expand All ]
 
 
 Log Collection
Agent-less    
Agent based    
Cross platform log collection    
Heterogeneous server/ device support    
Import logs    
Periodical import of logs   Not specified
Log filter    
Universal Log Parsing and Indexing(ULPI)   Supported using AlienVault’s Data Source Plugin
Log collection and processing rate 20,000 logs/second with peak event handling capacity up to 25,000 logs/second. For Windows event logs the EPS is 2000 logs/second. Depends on the type of module you choose USM All-in-one 25A module supports up to 1,000 logs/second.
 Log formats supported
Windows event log    
Syslog    
Any format – with Universal Log Parsing and Indexing (ULPI) technology   Supported using AlienVault’s Data Source Plugin
Amazon Web Services (AWS) EC2 Instance   Requires separate product – USM for AWS
 Application logs supported
Proprietary applications [Microsoft IIS Web Server, FTP Server (W3C logs), Apache Web Server, DHCP Windows, DHCP Linux]   Supported using AlienVault’s Data Source Plugin
Database applications [Oracle Audit, MS SQL Server]   Supported using AlienVault’s Data Source Plugin
Any application – with Universal Log Parsing and Indexing (ULPI) technology   Supported using AlienVault’s Data Source Plugin
 Other devices supported
Custom devices [IBM AS400 (iSeries), VMware]    
Custom devices
  • Firewalls
  • Intrusion Detection System/ Intrusion Prevention System (IDS/IPS)
  • Anti-virus application
  • Mail and web application
  • Vulnerability Scanners
  • Unified threat management solutions
    • Symantec DLP Application
    • FireEye
    • Symantec Endpoint Solution
  Supported using AlienVault’s Data Source Plugin
 Alerts & Notification
Real-time alert Notification – Email, SMS, Run program    
Compliance alerts    
 Reports
File Integrity Monitoring   Available when FIM is enabled. Requires the deployment of OSSEC/HIDS agents
Canned reports    
Custom reports    
Scheduled reports    
Report distribution via Email    
Reports in PDF, CSV & HTML formats   Only as PDF format.
Drill down to raw logs   Not available. Has a separate report to view the raw log files of Firewall, Antivirus solution etc.,
Filter using mouse gesture   Not specified.
Management specific reports (Ask ME)    
Trend reports    
Privileged user activity monitoring reports    
 Log Search
Advanced Search using Boolean, Wildcards, Grouped Search, Range search, Phrase search   Available in USM Logger component
Formatted log search   Available in USM Logger component
Raw log search   Available in USM Logger component
Save search result as report and as alerts   Not specified
 Compliance Reports
Canned reports    
Customizable report    
Reports for new compliance    
PCI-DSS    
HIPAA    
FISMA    
SOX    
GLBA    
ISO 27001    
 Real-time Event Correlation
Event correlation    
User Session monitoring    
 File Integrity Monitoring
Reports on File Integrity Monitoring   Available. Requires the deployment of OSSEC/HIDS agents
Report Scheduling   Available. Requires the deployment of OSSEC/HIDS agents
Real-time alerts upon critical changes to files/folders being monitored   Available. Requires the deployment of OSSEC/HIDS agents
Audit trial reports on files/folders changes   Available. Requires the deployment of OSSEC/HIDS agents
 Log Archiving
Flexible periodicity    
Flexible retention    
Secured (Encrypted)    
Tamper-proof    
 Service Provider features
User based views    
User based dashboards    
Rebranding   Not available
 User Management
Realm & user based access    
Active Directory based user authentication   Not available
RADIUS server based user authentication   Not available
 Implementation
Easy to install    
Web based Client    
 System Requirements
Bundled database (PostgreSQL/MySQL)   Not available
Windows & Linux platforms support    
64 Bit support    
Appliance based    
Pricing
Based on number of servers, devices & applications    
Annual Subscription Model    
Perpetual Model    
Cost Server/ application based licensing. Annual Subscription License Premium Edition 10 log sources pack starts at $495 (Including 1st year AMS). Yearly renewal includes upgrade, maintenance, and support. Annual Subscription License for AlienVault USM All-in-one pack for 25 assets is $3,900 (Including 1st year AMS). Yearly renewal pric

Though every care has been taken to ensure the correctness of the information provided herein, minor variations might be found in the feature set. In case, you find any discrepancies, please write to us at: eventlog-support@manageengine.com

EventLog Analyzer Trusted By

Los Alamos National Bank Michigan State University
Panasonic Comcast
Oklahoma State University IBM
Accenture Bank of America
Infosys
Ernst Young

Customer Speaks

  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank

Awards and Recognitions

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
A Single Pane of Glass for Comprehensive Log Management