ManageEngine EventLog Analyzer v10.0
Strengths: The web GUI provides customers with an easy-to-use interface when managing, integrating and monitoring assets.
Weaknesses: None found.
Verdict: For a product that is easily set up and integrated, it is packed with functionality that can securely support SIEM on one’s network.
The EventLog Analyzer from ManageEngine is quickly installed and easily scalable software that can be implemented as a network's SIEM solution. The product is readily available through both purchase and download, allowing for rapid installation. It provides both agent-based and agentless SIEM software that will give a network security team ease of mind. The vast customization and implementation possibilities allow admins to effortlessly monitor logs and simultaneously meet compliance standards.
EventLog Analyzer was extremely easy to set up. The product was shipped to us on a USB stick that contained all necessary documentation as well as a 32-bit and 64-bit Windows installer and a Linux-OS-based installer. Once we placed the USB stick into our computer and moved the installer application onto our desktop, we executed it with administrator privilege. Once the installer was executed, we were prompted with two choices: an advanced-installation button and a one-click installation button for default installation.
The product has an easy-to-use interface which allowed us to set up, configure and then easily begin managing logs in under five minutes. Once the installation was complete, we logged into the web GUI and began adding assets to integrate the software with our test network. A great relief to us was the software's out-of-the-box support for a variety of log sources consisting of Windows infrastructure, databases, web stacks, network devices, hypervisors, cloud infrastructure and others. The software is also capable of running more than a thousand compliance reports for event logs and syslogs once manageable assets are added. The compliance reporting section also provides the user with a great amount of customization for report generation with an easy-to-use interface. The analyzer's "log archival" functionality not only meets the compliance requirements for collected logs, but it also secures them by hashing and time stamping the logs.
Support is offered either as no-cost or fee-based solutions. However, the no-cost option only lasts during the product evaluation period. During that time, full email-, telephone- and web-based assistance is offered on an eight-hours-a-day/five-days-a-week basis. The fee-based options are made accessible starting at $1,748, but escalate depending on the number of log sources.
Overall, the EventLog Analyzer can provide a hassle-free and altogether effective solution for SIEM on one's network. The functionality that is packed into this product - along with the high level of support offered - makes the price well worth it. If you're searching for that easily integratable yet highly scalable SIEM solution for your network, EventLog Analyzer may be your product. - JV