We performed a comparison between ArcSight Logger and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's an efficient solution."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"Our return on investment for implementing ArcSight Logger over the past 12 months has been positive."
"The solution provides information about the risk factors."
"The log digestion features from threat intelligence platforms like Recorded Future or Talos are valuable."
"It's a robust, mature product and you can do some really complex operations and analytics."
"We check a lot of logs in ArcSight Logger because we're running a massive database platform."
"It is one of the best products available in the market."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"It is scalable."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"ELK documentation is very good, so never needed to contact technical support."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The most valuable feature is the machine learning capability."
"It would be better if the product is cheaper."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"The console in older versions is not user-friendly."
"We have had problems with archiving."
"It is really difficult to work in ArcSight Logger, as it is very slow."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"In the next release, I want to see more intelligence."
"I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"The tool should improve its scalability."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while Elastic Security is ranked 5th in Log Management with 59 reviews. ArcSight Logger is rated 7.8, while Elastic Security is rated 7.6. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". ArcSight Logger is most compared with Splunk Enterprise Security, IBM Security QRadar, Wazuh, LogRhythm SIEM and VMware Aria Operations for Logs, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Rapid7 InsightIDR. See our ArcSight Logger vs. Elastic Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
