IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

ManageEngine Log360 review: SIEM for all seasons

ManageEngine shows log management needn’t cost a king’s ransom

IT Pro Value
£452 exc VAT per year (starting price)
  • Superb value
  • Easy to deploy
  • Huge range of logging and auditing features
  • Centralized management
  • Very responsive support staff
  • Host is very resource-hungry

Part of ManageEngine’s burgeoning product portfolio, Log360 delivers a complete SIEM (security information and event management) solution that’s priced right for SMBs and mid-sized organizations. It teams up a choice selection of ManageEngine’s IT security management products, amalgamates them into a single web console for easy access and offers optional add-on products to further enhance its efficacy.

The Log360 web site is a tad vague about what is actually included in the suite so we asked ManageEngine support to clarify. It advised us that the base Log360 suite includes ADAudit Plus, EventLog Analyzer, O365 (Office 365) Manager Plus and Log360 UEBA (user and entity behavior analytics).

Add-ons include Exchange Reporter Plus for on-premises mail server auditing and ADManager Plus, which adds a heap of Active Directory reporting tools. DataSecurity Plus also provides file server auditing and DLP (data leak prevention) while Cloud Security Plus collects and analyzes log data from AWS, Azure, Google Cloud and SalesForce.

ManageEngine Log360 review: Pricing and getting started

Prices for Log360 start at around £452 but costs will depend entirely on what you want to monitor. We requested a quote from ManageEngine for 1 domain controller, 5 Windows servers, 5 syslog sources, 100 workstations, 5 Windows file servers, 5 application auditing licenses, AD reporting, an Exchange server, UEBA and a single Office 365 tenant and it came back the next day with annual subscription cost of only £4,078.

Initial installation of the base Log360 suite is simple, as it’s handled by a single routine. We loaded in on a Windows Server 2019 Hyper-V VM logged in as a domain member, and the suite was ready to go in 20 minutes.

Each individual component has its own web console with a dedicated port number and Log360 provides a single pane of glass for accessing them all. If you install more components later on, you can add them to the main Log360 console by entering their host name and service port number.

We suggest adhering to the recommended host hardware specification as the minimum requirement is nowhere near enough - our VM initially had 2 CPU cores plus 8GB of memory and Log360 ate the lot. In fact, we weren’t happy with performance until we had assigned 8 virtual Xeon Scalable Gold cores and 32GB of memory to the Log360 VM.

ManageEngine Log360 review: ADAudit Plus and EventLog Analyzer

The Log360 console opens with dashboard status overviews of all components, and each one can be quickly accessed from the side bar. ADAudit Plus presents graphs for at-a-glance views of user logon failures, account deletion, modification and creation activities, logon failure error reasons, logon activity, account lockouts and password changes.

It offers access to hundreds of exportable reports on all manner of AD activity (and Azure AD if configured), while the Compliance tab provides reports on regulatory standards including SOX, PCI-DSS, HIPAA and, of course, GDPR. You can peruse activity on Windows, NetApp, Dell EMC and Synology file servers, use analytics to spot anomalous activity and choose when to archive logs for 24 different AD categories

EventLog Analyzer supports over 750 log sources so you can integrate data from your core servers, firewalls, routers, switches, databases, VMware and Hyper-V hypervisors, web servers, vulnerability scanners and endpoint security products. Logs are easily managed as it provides full archiving facilities, where you specify intervals and retention periods and elect to have the files securely encrypted and time-stamped.

Log interrogation features are outstanding; you can use the console’s top search bar for fast results or create more complex queries using wild-cards, phrases, Boolean operators, groups and ranges. Log data can be correlated from multiple sources and reporting tools include a range of canned reports plus a full set for GDPR compliance.

ManageEngine Log360 review: O365 Manager Plus and Log360 UEBA

O365 Manager Plus just required us to enter our tenant details and we could then use its customisable dashboard to view mail traffic, malware and spam activity, top senders or receivers, mobile users, mailbox quotas and much more. The usage view required ManageEngine’s RESTful API access to be enabled and then we could view our user’s OneDrive, Skype and Teams activities.

Reports are available for all Office 365 functions and range from mailboxes and mail traffic to all things related to users, groups, contacts, account security and registered Azure AD devices. Extensive auditing for both Exchange Online and Azure AD is only a few clicks away and logs older than a set number of days can be archived and password protected.

Log360 UEBA opens with an informative dashboard showing how many events have been ingested, anomalies detected, trends over time plus users and devices being tracked. Each user and entity is assigned a risk score based on their activities, which you can view from the relevant dashboard to see why they have been marked up for attention and generate detailed anomaly reports on areas such as failed logins, registry activities, firewall changes and even USB device usage.

ManageEngine Log360 review: Optional add-ons

If you have an on-prem Exchange server then Exchange Reporter Plus is well worth considering. Its main dashboard shows all inbound and outbound mail activity along with a traffic summary and a sidebar which highlights alerts you need to investigate. Extensive predefined reports tell you everything you need to know about your organisation’s email while the auditing section keeps you informed of any changes to your Exchange databases along with mailbox permissions and properties.

Another add-on that’s worth a look is ADManager Plus, as this takes AD reporting to a higher level. However, note that this is a cut down version for Log360 that doesn’t include the AD object management tools provided by the full standalone version.

ManageEngine Log360 review: Verdict

Businesses worried about GDPR compliance can rest easy with Log360 at their side as it delivers an excellent range of event log and security management tools. Best installed on a dedicated host, it neatly integrates everything into one central console, more components can be added as required and it’s all offered at a competition-thrashing price.

ManageEngine Log360 system requirements (recommended)


3GHz, 8 cores



Disk space



Windows 7, Server 2012 R2 upwards

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download


Paessler PRTG Network Monitor 21.4 review: Hard to beat
Network & Internet

Paessler PRTG Network Monitor 21.4 review: Hard to beat

15 Mar 2022
Best paying tech jobs of 2022
Careers & training

Best paying tech jobs of 2022

10 Mar 2022
Edge-to-cloud security webinar

Edge-to-cloud security webinar

8 Mar 2022
Edge-to-cloud security webinar

Edge-to-cloud security webinar

8 Mar 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
Attracting and retaining talent through training

Attracting and retaining talent through training

13 Jun 2022
Delivery firm Yodel disrupted by cyber attack
cyber attacks

Delivery firm Yodel disrupted by cyber attack

21 Jun 2022