VENDOR: Zoho Corp.
WHAT: This product takes an agentless approach to collecting and analyzing machine-generated logs.
PRICE: Starts at $1,995
VENDOR: SolarWinds
WHAT: The SolarWinds Log & Event Manager, also known as the LEM, is a virtual appliance capable of collecting logs and events from almost any network-connected device and then correlating that data for further analysis.
PRICE: $4,495, including license and one-year of maintenance.
VENDOR: NetIQ
WHAT: This product features log collection, aggregation, correlation and analysis and reporting – all from one single point that is easy to use and manage.
PRICE: $48,400, including license and first-year maintenance.
VENDOR: LogRhythm
WHAT: This appliance features log and event management functions as with any SIEM, but beyond that it includes advanced correlation and pattern recognition driven by its onboard Advanced Intelligence Engine, and host and file integrity monitoring and drill-down capabilities to get to the raw log data for analysis and forensics.
PRICE: $25,000
VENDOR: HP
WHAT: The HP ArcSight Express appliance features a full set of SIEM capabilities, including security event correlation, log management, IT search, NetFlow monitoring and compliance reporting.
PRICE: $45,000
VENDOR: GFi
WHAT: GFI EventsManager collects, centralizes, normalizes, consolidates and analyzes a wide range of log types, such as World Wide Web Consortium (W3C) and any text-based formats, Windows events, SQL Server and Oracle audits, and syslog and simple network management protocol (SNMP) traps generated by devices, such as firewalls, servers, routers, switches, sensors, SQL server systems, PCs and custom devices.
PRICE: GFI offers two basic pricing options. Both provide check-based monitoring for servers, workstations and network devices together with log data management and analysis. Pricing is differentiated by log type(s). Price: Starting at $147 per node for 50-99 nodes for GFI’s “Complete” license offering support for of all supported log types. GFI also offers an “Active Monitoring” license at $39 per node for 50-99 nodes for workstation logs in .evt(x) and text format.
VENDOR: EventTracker
WHAT: EventTracker Enterprise is comprehensive. It is designed to be scalable to address multiple locations, business units and domains using the EventTracker Stand-Alone, Collection Point and Collection Master architecture.
PRICE: Starts at $4,599 per 10 servers, $7,824 for 25 servers, and $12,799 for 50 servers.
VENDOR: eIQnetworks
WHAT: SecureVue provides all of the elements one would expect in a SIEM – log consolidation, threat correlation, incident management (including ticket issuance), event analytics, forensic analysis, compliance reporting, change auditing, event alerting, an array of user definable/customizable alerting and reporting options, and more.
PRICE: Starts at $12,594 for 25 devices (software only option). The appliance-based solution starts at $24,594 for 25 devices.
VENDOR: CorreLog
WHAT: CorreLog Enterprise Server combines real-time log management with correlation, auto-learning functions, high-speed search, ticketing and reporting services.
PRICE: Starts at $5,000.
VENDOR: BlackStratus
WHAT: LOG Storm combines log management and security information management with correlation technology, real-time monitoring and an integrated incident response system.
PRICE: Starts at $9.000. LOG Storm is available in three different virtualized models – one of them being free – and four different hardware models with varied memory and storage capacities. Perpetual licensing and flexible subscription pricing is offered.
