- Scalability of the smart connectors
- Ease of storing billions of events without special storage needs
- Great compression rates
ArcSight Logger Review
We like the compression rates and scalability of the smart connectors.
What is most valuable?
How has it helped my organization?
First of all, the collection of a mass of events is a challenge for enterprise companies. You need a great deal of storage and how you collect them is an issue. The smart connectors and great compression rates of ArcSight helped us a lot.
The other thing is to be able to be competitive as you need to show that you need a logging system that complies to the laws in your country and company policy so that you can continue to do your business. With ArcSight, we easily pass the requirements of the external audits our clients require.
What needs improvement?
I would say that the consolidation should be done only by using ArcSight. We need to use the ESM module to create complex rules and reports as we can only do limited reports with ArcSight.
For how long have I used the solution?
We've used it for about two years.
What was my experience with deployment of the solution?
The main problem is how to collect logs from various resources.
What do I think about the stability of the solution?
The smart connectors are very stable.
What do I think about the scalability of the solution?
We've had no issues scaling it for our needs.
How are customer service and technical support?
Since we work with partners, I can't say too much. However, for every company on this planet there is always room for improvement in the level of support.
Which solution did I use previously and why did I switch?
This was the first solution we've used, and I believe it will be the last solution we need.
How was the initial setup?
We used an appliance, so the setup was very easy. But I must say that even if you use an open server, it is not complex to deploy this product.
What about the implementation team?
We worked with a partner for the implementation.
What was our ROI?
It is really hard to measure ROI financially, but there are some important things to say. First of all, since it's easy to use, our operational time has decreased so that we as technical staff have much more time to spend on other issues. Since we collect all of the logs, we can investigate fraud and find their sources. We can also find the causes of system outages.
What other advice do I have?
It works fast and you can collect just about everything. The only drawback is that without ESM, you are limited. The most important thing is the scalability of the product and its ease of use. Companies like us need some specific connectors, and smart connectors give us a very scalable solution. Also, even though we have billions of events, it is really fast in finding the logs we need. That makes this solution amazing.
Which version of this solution are you currently using?
6.0.0.7285.0
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 21 2016
More ArcSight Logger reviews from users
Learn what your peers think about ArcSight Logger. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
455,962 professionals have used our research since 2012.
Author
it_user409197
Security Architecture Senior Specialist at a comms service provider with 1,001-5,000 employees
Vendor
Highlights
The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution.
In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating.
The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console.
The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive.
We haven't had any crashes or bugs. It is stable.
It's an efficient solution.
The most valuable feature is the search capability, which is simple to use.
Product Categories
Log ManagementPopular Comparisons
ELK Logstash
LogRhythm NextGen SIEM
Graylog
IBM QRadar
vRealize Log Insight
Fortinet FortiAnalyzer
Google Stackdriver
Sumo Logic
SolarWinds Kiwi Syslog Server
Tripwire Log Center
Nagios Log Server
Check Point Security Management
AT&T AlienVault USM
Buyer's Guide
Download our free ArcSight Logger Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links