Arcsight Logger Review

User behavior analytics for investigating


What is our primary use case?

We use the on-premise version of ArcSight Logger.

What is most valuable?

In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating.

What needs improvement?

I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this.

A lot of people that compare this solution with QRadar or McAfee say that the other products in the market are more easier to use than ArcSight. After customers do the training to see how they can use it, they change their minds a little bit, but it still seems that Micro Focus should take some time to reduce the complexity in using Arcsight.

ArcSight should give each customer more visibility or a more useful presentation on the web product. There are a lot of customers that want to use the product in the web, especially to use the dashboard, but the dashboard is not so beautiful.

For how long have I used the solution?

We've been using this solution for five years.

What do I think about the stability of the solution?

It has worked fine until now for whatever I needed. Sometimes an issue can occur when a client wants to upgrade the software to a major version. For the most part though, it is very stable.

What do I think about the scalability of the solution?

Well before the last version I think it was a little bit difficult, but now with the new version that is integrated with the ESM it's little bit more efficient.

How are customer service and technical support?

That is one of the bad things with Micro Focus. They are not so reactive and sometimes it takes more time to address the issue. There are many tickets that have not been resolved yet. We hope that Mirco Focus will be more reactive than they are at the moment.

How was the initial setup?

The deployment doesn't take much time for the standard setup, but it can take more time when we need to integrate the device with the system. Sometimes we have found that we are not supported naturally and must do some tuning to integrate it. That can take some more time, but setup of the initial system does not taking more time. It's easy for me now to do this setup. I remember during my first year it took a little bit more time, but that's normal. It's easier to deploy the product in the basic standard, but in the complex module, it takes a little bit more time.

What's my experience with pricing, setup cost, and licensing?

ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition.

What other advice do I have?

I would rate this solution as ten out of ten.

Whenever I talk about the product I tell the user to start easy, not to take the whole package and to try to use it quickly. Start with the basics, then you can ramp up fluidly. Sometimes the client or customer wants to take it urgently so at that moment it will be more difficult to use. I prefer to take the product step by step.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
author avatarDavidShephard
Vendor

Thank you for your honest feedback and the 5 star score. I will ensure that your comments related to support, complexity, and pricing are passed to the Product Manager.

Guest
Sign Up with Email