We performed a comparison between ArcSight Logger and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The machine learning is a good feature."
"The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"ArcSight's robustness is its most valuable feature."
"I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events."
"ArcSight provides the basic information that we want."
"The technical support team is good...It is a scalable solution."
"Some of the most valuable features I really appreciate are the performance, how quick the solution is, and how easy it is to create a query."
"The ability to analyze huge amounts of sales data and accurate prediction of sales forecasting is the most valuable feature."
"The breadth of the data sources that Splunk can ingest data from is broad and deep and it does an exemplary job at handling structured data."
"In the past we used the different application to collect logs. We used SurfWatch and VMware to do so. But, we found that the Splunk has more capacity to do more in less time. They provide a aster speed to index all the events , and this is a huge asset."
"The most valuable feature of Splunk Enterprise Security is the comprehensive logging capabilities it provides."
"The Splunk user community and forum are most valuable."
"We can present to our management in real time the security of the batch management for the PCs, security regarding the network equipment. We're currently working in the Azure Cloud project, so we can send any logs from the cloud to Splunk. We can monitor them and we can present to the managers and customers. It's a very good solution for reporting. We use Splunk for reporting and monitoring of any solution in the company."
"It helps us uncover bottlenecks in the network."
"The most valuable feature of Splunk is the management and built-in workflows."
"We find that the search and access functionality is quite slow."
"We have had problems with archiving."
"In the next release, I want to see more intelligence."
"I would like to see better scheduling in the next release of this solution."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"The next release should have AI capabilities."
"The solution could be improved in maintenance settings."
"Using the ArcSight Logger dashboard is not particularly intuitive or efficient, so it is important to be trained in its use."
"The biggest problem is data compression. Splunk is an outstanding product, but it is a resource hog. There should be better data compression for being able to maintain our data repositories. We end up having to buy lots of additional storage just to house our Splunk data. This is my only complaint about it."
"This is a costly solution."
"The prices are complicated as we operate in a small third-world country."
"Sometimes, there is latency in the logs."
"Splunk should have more regional data centers in the Middle East."
"The administration of the cluster and app deployment to indexers or search heads can be done only using ssh access and command line, there is no GUI tools for that."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"While there aren't any major areas where the solution has to be improved, there are certain integrations that are still not available. I would specifically like to see legacy applications integrated."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 246 reviews. ArcSight Logger is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". ArcSight Logger is most compared with IBM Security QRadar, Elastic Security, Wazuh, LogRhythm SIEM and VMware Aria Operations for Logs, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Fortinet FortiAnalyzer. See our ArcSight Logger vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.