ArcSight Logger Review

It gives administrators the ability to turn off some of the options displayed in case they don't need to see those specific sections.


What is most valuable?

The functionalities of this particular server is absolutely phenomenal. The server has the ability to provide in-depth, real-time awareness of all actives on the network.

The platform also gives the administrators the ability to turn off some of the options displayed in case they don't need to see those specific sections.

The ability to query anything at any time using any specific field required, and the ability to automate the logger storage capabilities are great features.

How has it helped my organization?

Before the logger was installed on our network, we were very limited as to what type of information we could get back from our previous logger because the old one didn't have as many functionalities.

With ArcSight Logger, our ability to have a more in-depth look into the network traffic and the ability to save the reports for a set amount of time was a huge improvement.

What needs improvement?

The only thing I did not particularly like about the product was its speed on the web interface. It took very long for it to populate and perform the queries.

For how long have I used the solution?

I used this product as a network administrator for two years.

What was my experience with deployment of the solution?

The installation of the server and its agents on the network devices went extremely smoothly. The only issue we had was finding the correct agents to install on our older UNIX-based servers for which we had to contact HP to get information on how to go about acquiring the correct agents.

What do I think about the stability of the solution?

We have had no issues with the stability.

What do I think about the scalability of the solution?

We had no issues scaling it for our needs.

How are customer service and technical support?

We never actually had to call customer support because of the technical forums available to all ArcSight users who could share information and help troubleshoot in case anything was wrong or unclear about how to set up and use the system.

Which solution did I use previously and why did I switch?

We were using a different product for our monitoring and logging services. The reason why we chose to switch over was the in-depth analysis capabilities provided by HP ArcSight which were not previously available to us.

How was the initial setup?

Initially, we had some trouble finding the right agents to install on our servers since we were using some proprietary software on the network, but after we got past that step, everything else was pretty straightforward.

What about the implementation team?

We had one agent come out to our office to assist us with the implementation.

What other advice do I have?

Start using the available resources by registering your product immediately after deploying the unit and contributing to the ArcSight community.

Also, once you decide to go with ArcSight, make sure you go with the complete solution recommended by HP based on the size of your network because that could potentially cause the ArcSight server to perform extremely slow.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest