ManageEngine EventLog Analyzer is the most cost effective and comprehensive Security Information and Event Management (SIEM) software. Using this software, organizations can automate the entire process of managing terabytes of machine-generated logs by collecting, analyzing, searching, reporting, and archiving from one central location. This tool is powerful yet simple to use and understand.
SolarWinds Log & Event Manager is a SIEM solution that is difficult to deploy and use. It requires separate installation of standalone applications, such as the Database Auditor tool and the reporting console, to probe into your log data and get appropriate information.
This document provides a feature-wise comparison report between ManageEngine EventLog Analyzer and SolarWinds Log & Event Manager.
Feature Comparison
Feature | ManageEngine EventLog Analyzer | SolarWinds Log & Event Manager |
Agent-less | | |
Agent based | | |
Cross platform log collection | | |
Heterogeneous server/device support | | |
Import logs | | |
Periodical import of logs | | |
Log filter | | |
Universal Log Parsing and Indexing (ULPI) | | Not available |
Log collection and processing rate | 20,000 logs/second with peak event handling capacity up to 25,000 logs/second. For Windows event logs the EPS is 2000 logs/second. | Not Specified |
Windows event log | | |
Syslog | | |
Any format - with Universal Log Parsing and Indexing (ULPI) technology | | Not available |
Amazon Web Services (AWS) EC2 Instance | | Not Specified |
Proprietary applications [Microsoft IIS Web Server, FTP Server (W3C logs), Apache Web Server, DHCP Windows, DHCP Linux] | | |
Database applications [Oracle Audit, MS SQL Server] | | Yes. With the installation of special `Auditor` tool. |
Any application - with Universal Log Parsing and Indexing (ULPI) technology | | Not available |
Custom devices [IBM AS400 (iSeries), VMware] | | |
Custom devices: Firewalls; Intrusion Detection System/Intrusion Prevention System (IDS/IPS); Anti-virus application; Mail and web application; Vulnerability Scanners; Unified threat management solutions; Symantec DLP Application; FireEye; Symantec Endpoint Solution | | |
Real-time alert | | |
Notification - Email, SMS, Run program | | |
Compliance alerts | | |
File Integrity Monitoring | | |
Canned reports | | 300+ reports available in a separate standalone application - LEM Reports. Users need to install this reporting console separately. |
Custom reports | | Available in a separate standalone console viz., LEM Reports. |
Scheduled reports | | Available in a separate standalone console viz., LEM Reports. |
Report distribution via Email | | Available in a separate standalone console viz., LEM Reports. |
Reports in PDF, CSV & HTML formats | | Available in a separate standalone console viz., LEM Reports. |
Drill down to raw logs | | Not available |
Filter using mouse gesture | | Not available |
Management specific reports (Ask ME) | | Not available |
Trend reports | | Available in a separate standalone console viz., LEM Reports. |
Privileged user activity monitoring reports | | Available in a separate standalone console viz., LEM Reports. |
Advanced Search using Boolean, Wildcards, Grouped Search, Range search, Phrase search and more | | Not available |
Formatted log search | | Yes. Using separate nDepth appliance. |
Raw log search | | Yes. Using separate nDepth appliance. |
Save search result as report and as alerts | | You can save search results as reports using the nDepth appliance. But it cannot be saved as an alert profile. |
Canned reports | | Available in a separate console viz., LEM Reports. |
Customizable report | | Available in a separate standalone console viz., LEM Reports. |
Reports for new compliance | | Available in a separate standalone console viz., LEM Reports. |
PCI-DSS | | Available in a separate standalone console viz., LEM Reports. |
HIPAA | | Available in a separate standalone console viz., LEM Reports. |
FISMA | | Available in a separate standalone console viz., LEM Reports. |
SOX | | Available in a separate standalone console viz., LEM Reports. |
GLBA | | Available in a separate standalone console viz., LEM Reports. |
ISO 27001 | | Available in a separate standalone console viz., LEM Reports. |
Event correlation | | |
User Session monitoring | | |
Reports on File Integrity Monitoring | | Available in a separate console viz., LEM Reports. |
Report Scheduling | | Available in a separate console viz., LEM Reports. |
Real-time alerts upon critical changes to files/folders being monitored | | |
Audit trail reports on files/folders changes | | |
Flexible periodicity | | |
Flexible retention | | |
Secured (Encrypted) | | |
Tamper-proof | | |
User based views | | |
User based dashboards | | |
Rebranding | | Not available |
Realm & user based access | | Not specified |
Active Directory based user authentication | | Not specified |
RADIUS server based user authentication | | Not specified |
Easy to install | | |
Web based Client | | |
Bundled database (PostgreSQL/MySQL) | | Not specified |
Windows & Linux platforms support | | No. Supports deployment only in VMware ESX/ESXi 4.0 and above and Hyper-V Server 2008, 2008 R2, 2012, 2012 R2 environments. |
64 Bit support | | |
Based on number of servers, devices & applications | | |
Annual Subscription Model | | |
Perpetual Model | | |
Cost | Economical. The basic pack for monitoring 10 log sources (Premium Edition) costs only $495. | Expensive. 30 Hosts pack starts at $4,495. |
Why do you need to consider EventLog Analyzer over Log & Event Manager?
- Easy to deploy and simple to use.
- Supports both agent-less and agent-based log collection.
- Provides a single console to perform all the log management operations.
- Provides in-depth analysis capability that meets the reporting, alerting and auditing needs with simple and single installation of the tool.
- Supports processing of any human readable log format using ULPI technology.
- Processes the log data at a high speed of 20,000 logs/second.