This document provides a feature-wise comparison report between ManageEngine EventLog Analyzer and AlienVault. The comparison is based on the information available on the competitor’s website, so the details may differ from the actual product.
ManageEngine EventLog Analyzer is a comprehensive log management solution that helps you automate log management, log collection, analysis, event correlation, file integrity monitoring, log search and archiving to meet compliance and SIEM needs from a single console.
AlienVault Unified Security Management (USM) is an integrated SIEM module that includes three components: Server, which centrally stores and processes the log data; Sensors, the agents that discover assets and collect log data; and Logger, the component that performs log analysis, which helps you meet SIEM needs.
Feature Comparison
Agent-less |
|
|
Agent based |
|
|
Cross platform log collection |
|
|
Heterogeneous server/ device support |
|
|
Import logs |
|
|
Periodical import of logs |
|
Not specified |
Log filter |
|
|
Universal Log Parsing and Indexing (ULPI) |
|
Supported using AlienVault’s Data Source Plugin |
Log collection and processing rate |
20,000 logs/second with peak event handling capacity up to 25,000 logs/second. For Windows event logs the EPS is 2000 logs/second. |
Depends on the type of module you choose. The USM All-in-one 25A module supports up to 1,000 logs/second. |
Windows event log |
|
|
Syslog |
|
|
Any format – with Universal Log Parsing and Indexing (ULPI) technology |
|
Supported using AlienVault’s Data Source Plugin |
Amazon Web Services (AWS) EC2 Instance |
|
Requires separate product – USM for AWS |
Proprietary applications [Microsoft IIS Web Server, FTP Server (W3C logs), Apache Web Server, DHCP Windows, DHCP Linux] |
|
Supported using AlienVault’s Data Source Plugin |
Database applications [Oracle Audit, MS SQL Server] |
|
Supported using AlienVault’s Data Source Plugin |
Any application – with Universal Log Parsing and Indexing (ULPI) technology |
|
Supported using AlienVault’s Data Source Plugin |
Custom devices [IBM AS400 (iSeries), VMware] |
|
|
Custom devices
- Firewalls
- Intrusion Detection System/ Intrusion Prevention System (IDS/IPS)
- Anti-virus application
- Mail and web application
- Vulnerability Scanners
- Unified threat management solutions
- Symantec DLP Application
- FireEye
- Symantec Endpoint Solution
|
|
Supported using AlienVault’s Data Source Plugin |
Real-time alert Notification – Email, SMS, Run program |
|
|
Compliance alerts |
|
|
File Integrity Monitoring |
|
Available when FIM is enabled. Requires the deployment of OSSEC/HIDS agents |
Canned reports |
|
|
Custom reports |
|
|
Scheduled reports |
|
|
Report distribution via Email |
|
|
Reports in PDF, CSV & HTML formats |
|
Only in PDF format. |
Drill down to raw logs |
|
Not available. Has a separate report to view the raw log files of firewalls, antivirus solutions, etc. |
Filter using mouse gesture |
|
Not specified. |
Management specific reports (Ask ME) |
|
|
Trend reports |
|
|
Privileged user activity monitoring reports |
|
|
Advanced Search using Boolean, Wildcards, Grouped Search, Range search, Phrase search |
|
Available in USM Logger component |
Formatted log search |
|
Available in USM Logger component |
Raw log search |
|
Available in USM Logger component |
Save search result as report and as alerts |
|
Not specified |
Canned reports |
|
|
Customizable report |
|
|
Reports for new compliance |
|
|
PCI-DSS |
|
|
HIPAA |
|
|
FISMA |
|
|
SOX |
|
|
GLBA |
|
|
ISO 27001 |
|
|
Event correlation |
|
|
User Session monitoring |
|
|
Reports on File Integrity Monitoring |
|
Available. Requires the deployment of OSSEC/HIDS agents |
Report Scheduling |
|
Available. Requires the deployment of OSSEC/HIDS agents |
Real-time alerts upon critical changes to files/folders being monitored |
|
Available. Requires the deployment of OSSEC/HIDS agents |
Audit trail reports on file/folder changes |
|
Available. Requires the deployment of OSSEC/HIDS agents |
Flexible periodicity |
|
|
Flexible retention |
|
|
Secured (Encrypted) |
|
|
Tamper-proof |
|
|
User based views |
|
|
User based dashboards |
|
|
Rebranding |
|
Not available |
Realm & user based access |
|
|
Active Directory based user authentication |
|
Not available |
RADIUS server based user authentication |
|
Not available |
Easy to install |
|
|
Web based Client |
|
|
Bundled database (PostgreSQL/MySQL) |
|
Not available |
Windows & Linux platforms support |
|
|
64 Bit support |
|
|
Appliance based |
|
|
Based on number of servers, devices & applications |
|
|
Annual Subscription Model |
|
|
Perpetual Model |
|
|
Cost |
Server/ application based licensing. Annual Subscription License Premium Edition 10 log sources pack starts at $495 (Including 1st year AMS). Yearly renewal includes upgrade, maintenance, and support. |
Annual Subscription License for AlienVault USM All-in-one pack for 25 assets is $3,900 (Including 1st year AMS). Yearly renewal pric |