SIEM solutions are a must-have in any organization’s security toolkit. They allow you to analyze events from your network, gain actionable insights into network activity, and detect and mitigate data breaches and other security incidents, all while remaining compliant with regulatory mandates.
Log360 is ManageEngine’s comprehensive SIEM offering that helps organizations meet a wide range of auditing, security, and compliance needs. It has been recognized in Gartner’s Magic Quadrant for SIEM for three years in a row now, and has even been named a champion in Software Reviews’ Customer Experience Diamond for SIEM, 2019.
So what makes Log360 stand out from the rest? In this blog series, we’ll talk about five reasons why people love Log360.
Installation and deployment
The first question you might ask when evaluating a new solution is, “How quickly can I get this set up in my environment?” So that’s where we’ll start.
Log360 is an integrated solution that provides all of its functionality from a central, web-based console. All you have to do is download and run the installation files for the main product and any required add-ons. All necessary components, like the database, are bundled along with the installation files.
Deploying the solution requires minimal effort. With the solution’s auto-discovery feature, you can easily discover and add the various domain controllers, Windows and Unix servers, network devices like firewalls and routers, and even applications such as SQL servers and IIS web servers, all of which you need to monitor.
Log360 collects logs using an agentless method by default, but you can opt for agent-based collection if required. If you choose agent-based collection, agents are automatically installed on the required devices, and you can easily manage them from the central console.
As soon as you add the sources you need to monitor, Log360 starts collecting events and generating insights for you in the form of concise reports. On top of this, critical features like the threat intelligence module come preconfigured. This module starts scanning your network logs for threats as soon as they are collected.
Intuitive user interface
Log360 offers several features to improve the user experience, including:
- A simple layout and easy navigation: The user interface is highly intuitive and easy to get used to. The tab-based layout allows you to easily find the exact report or feature you need.
- Dashboards: Widget-based dashboards give you an overview of the state of your network at a glance. You can customize the appearance of your dashboards as required.
- Reports: Log360’s reports are easy to interpret and provide graphical and tabular views of events occurring in your network.
- Report drilldown: Easily drill down to raw log information by clicking on your reports.
- Filters: Use filters to show information only for the required log sources/users. The calendar widget allows you to easily select the date and time range you need a report for.
- Search: You can use the advanced query builder to create search queries using a graphical interface, or type in search queries and receive automatic suggestions for log field names.
- Context-based help cards: Help cards and links to product documentation are available throughout the interface to guide you when necessary.
With all of these features, getting the solution up and running is a breeze, and you can start gaining value from your Log360 deployment within hours.