We performed a comparison between ArcSight Logger and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The UI-based analytics are excellent."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"We haven't had any crashes or bugs. It is stable."
"The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist."
"It provides in-depth information on business activities once we log into the system."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"It's an efficient solution."
"The solution provides information about the risk factors."
"ArcSight provides the basic information that we want."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"We'd like to see more connectors."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"The solution should allow for a streamlined CI/CD procedure."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"We find that the search and access functionality is quite slow."
"The product's connectors should work better and the user manuals need an update."
"The platform is quite expensive. They should reduce its cost."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"It would be better if the product is cheaper."
"It is really difficult to work in ArcSight Logger, as it is very slow."
"The initial setup was a little bit complex."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"Sumo Logic needs to make sure integrating solutions are seamless."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"The initial setup is the most stressful, like learning how to use it."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The integration with multiple sources could be better."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while Sumo Logic Security is ranked 20th in Log Management with 18 reviews. ArcSight Logger is rated 7.8, while Sumo Logic Security is rated 8.6. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". ArcSight Logger is most compared with Splunk Enterprise Security, IBM Security QRadar, Elastic Security, Wazuh and LogRhythm SIEM, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our ArcSight Logger vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.