- Scalability of the smart connectors
- Ease of storing billions of events without special storage needs
- Great compression rates
ArcSight Logger Review
We like the compression rates and scalability of the smart connectors.
What is most valuable?
How has it helped my organization?
First of all, the collection of a mass of events is a challenge for enterprise companies. You need a great deal of storage and how you collect them is an issue. The smart connectors and great compression rates of ArcSight helped us a lot.
The other thing is to be able to be competitive as you need to show that you need a logging system that complies to the laws in your country and company policy so that you can continue to do your business. With ArcSight, we easily pass the requirements of the external audits our clients require.
What needs improvement?
I would say that the consolidation should be done only by using ArcSight. We need to use the ESM module to create complex rules and reports as we can only do limited reports with ArcSight.
For how long have I used the solution?
We've used it for about two years.
What was my experience with deployment of the solution?
The main problem is how to collect logs from various resources.
What do I think about the stability of the solution?
The smart connectors are very stable.
What do I think about the scalability of the solution?
We've had no issues scaling it for our needs.
How are customer service and technical support?
Since we work with partners, I can't say too much. However, for every company on this planet there is always room for improvement in the level of support.
Which solution did I use previously and why did I switch?
This was the first solution we've used, and I believe it will be the last solution we need.
How was the initial setup?
We used an appliance, so the setup was very easy. But I must say that even if you use an open server, it is not complex to deploy this product.
What about the implementation team?
We worked with a partner for the implementation.
What was our ROI?
It is really hard to measure ROI financially, but there are some important things to say. First of all, since it's easy to use, our operational time has decreased so that we as technical staff have much more time to spend on other issues. Since we collect all of the logs, we can investigate fraud and find their sources. We can also find the causes of system outages.
What other advice do I have?
It works fast and you can collect just about everything. The only drawback is that without ESM, you are limited. The most important thing is the scalability of the product and its ease of use. Companies like us need some specific connectors, and smart connectors give us a very scalable solution. Also, even though we have billions of events, it is really fast in finding the logs we need. That makes this solution amazing.
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 21 2016
Author
it_user409197
Security Architecture Senior Specialist at a comms service provider with 1,001-5,000 employees
Vendor
BUYER'S GUIDE
Download our free Log Management Report and find out what your peers are saying about Micro Focus, Elastic, Splunk, and more!
