ManageEngine EventLog Analyzer is the most cost effective Security Information and Event Management (SIEM) software. Using this log management software, organizations can automate the entire process of managing terabytes of machine generated logs by collecting, analyzing, searching, reporting, and archiving from one central location.
QRadar SIEM gives security professionals the visibility they need to protect their networks. QRadar's advanced SIEM technology protects IT assets from a growing landscape of advanced threats as well as meets current and emerging compliance mandates.
This document provides a feature-wise comparison report between ManageEngine EventLog Analyzer and QRadar SIEM.
Feature Comparison
| Agent-less |
|
Not Specified |
| Agent based |
|
|
| Cross platform log collection |
|
|
| Heterogeneous server/ device support |
|
|
| Import logs |
|
|
| Log filter |
|
|
| Universal Log Parsing and Indexing(ULPI) |
|
|
| Windows event log |
|
|
| Syslog |
|
|
| Amazon Web Services (AWS) EC2 Windows instances |
|
Not Mentioned |
| Proprietary applications [Microsoft IIS Web server, FTP server (W3C logs), Apache Web Server] |
|
|
| Proprietary applications [DHCP Windows, DHCP Linux] |
|
|
| Database applications |
Oracle Audit, MS SQL server |
|
| Custom devices [IBM iSeries (AS/400), VMware] |
|
|
Custom devices
- Firewalls
- Virtual Private Networks (VPNs)
- Intrusion Detection System/ Intrusion Prevention System (IDS/IPS)
- Anti-virus application
- Mail and web application
|
|
|
| Real-time alert |
|
|
| Notification – Email, SMS, Run program |
|
Not Mentioned |
| Compliance alerts |
|
|
| Canned reports |
|
|
| Custom reports |
|
|
| Scheduled reports |
|
|
| Report distribution via Email |
|
|
| Reports in PDF, CSV & HTML formats |
|
|
| Drill down to raw logs |
|
|
| Filter using mouse gesture |
|
Not Mentioned |
| Management specific reports (Ask ME) |
|
|
| Trend reports |
|
|
| Internal user activity reports |
|
|
| Advanced Search using Boolean, Wildcards, Grouped Search, Range search, Phrase search |
|
|
| Formatted logs |
|
|
| Raw logs |
|
|
| Save search result as report |
|
Not Mentioned |
| Canned reports |
|
|
| Customizable report |
|
|
| Reports for new compliance |
|
Not Mentioned |
| PCI-DSS |
|
|
| ISO 27001:2013 |
|
Not Mentioned |
| HIPAA |
|
|
| FISMA |
|
|
| SOX |
|
|
| GLBA |
|
|
| NERC CIP |
|
|
| Event correlation |
|
|
| User Session monitoring |
|
|
| Reports on File Integrity Monitoring |
|
Requires integration with another product |
| Report Scheduling |
|
Requires integration with another product |
| Real-time alerts upon critical changes to files/folders being monitored |
|
Requires integration with another product |
| Audit trial reports on files/folders changes |
|
Requires integration with another product |
Custom devices
- eEye REM
- McAfee Foundstone Foundscan
- Juniper NSM Profiler
- nCircle IP360
- NMap
- Patchlink (Lumension/Harris) Scan
- Qualys
- Rapid7 NeXpose
- Saint
- SecureScout
|
|
|
| Flexible periodicity |
|
|
| Flexible retention |
|
|
| Secured (Encrypted) |
|
|
| Tamper-proof |
|
|
| User based views |
|
|
| User based dashboards |
|
|
| Rebranding |
|
Not specified |
| Realm & user based access |
|
(For Reports) |
| Active Directory based user authentication |
|
|
| RADIUS server based user authentication |
|
|
| Easy to install |
|
Not Mentioned |
| Web based Client |
|
|
| Bundled database |
|
|
| Windows & Linux platforms support |
|
|
| 64 Bit support |
PostgreSQL |
Ariel Database |
| Number of servers, devices & applications |
|
Not Mentioned |
| Annual Subscription Model |
|
Not Mentioned |
| Perpetual Model |
|
Not Mentioned |
| Cost |
Economical.
Server/ application based licensing. Annual Subscription License Professional Edition 25 hosts starts at $795. Yearly renewal includes upgrade, maintenance, and support. Perpetual License Professional Edition 25 hosts starts at $1995 plus annual support fee. |
Pricing on request |
