Arcsight Logger Competitors and Alternatives

Field Engineer at a tech services company with 501-1,000 employees
Apr 16 2018

What do you think of Splunk?

Primary Use Case

We used it to create a full security operations center (SOC) for our IT department by adding all network and security devices, the AD, and mail servers to it. Then Splunk started to receive their logs, analyzed them, and provided useful reports.

Improvements to My Organization

It helps the IT staff to monitor the full structure. It also makes use of all logs and takes proactive actions.

Valuable Features

Integrity with many vendors: This simplifies the implementation and integration with different devices.

Room for Improvement

Enterprise security: Splunk must work on clarifying the solution to customers and explain how to gain more from it.

Use of Solution

One to three years.

Real User
Senior Security Analyst at The Hartford
Mar 31 2017

What do you think of IBM QRadar?

Valuable Features

The most valuable feature for us is probably the intelligence we get out of the product.

Improvements to My Organization

The organizational value we derive from it is that it helps us track down where we have problems.

Room for Improvement

We appreciate ease of use in the product, so I suppose they could bring the cost down. I haven't really thought about possible improvements. They've added a lot of good features to the apps. I'm still exploring those and there are a lot of good features there.

Use of Solution

I have used the solution for about 15 years.

Stability Issues

Overall I'd say the stability is pretty good. I have noticed some issues with the patch and updates recently, especially version 72A. There have been some problems where...

Security Consultant at Grupo CEPRA
Jun 20 2018

What is most valuable?

It supports SQL for logging and reporting. Log data is inserted into the SQL database for log view and report generation. Another feature is the custom reports, where you can obtain a chart builder from a log view: traffic, event, or security...

How has it helped my organization?

FAZ has improved the organization because it stores events from the past so we can correlate incidents using other monitoring tools; the problem is that it can't recognize logs from FortiController blades, not even specifying it as a syslog...

What needs improvement?

It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs.

