ArcSight Logger Overview

ArcSight Logger is the #11 ranked solution in our list of Log Management Software. It is most often compared to ELK Logstash: ArcSight Logger vs ELK Logstash

What is ArcSight Logger?
HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.

ArcSight Logger is also known as Micro Focus Arcsight Logger, HPE Arcsight Logger.

ArcSight Logger Buyer's Guide

Download the ArcSight Logger Buyer's Guide including reviews and more. Updated: January 2021

ArcSight Logger Customers
China Merchants Bank, Bank AlJazira, Banca Intesa
ArcSight Logger Video

Pricing Advice

What users are saying about ArcSight Logger pricing:
  • "ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."

ArcSight Logger Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Hassan_MOUSSAFIR
Chief Information Security Officer at Wafa assurance
Real User
Top 5Leaderboard
Jan 27, 2020
Passes compliance thresholds and standard requirements and has good performance

Pros and Cons

  • "It's an efficient solution."
  • "The console in older versions is not user-friendly."

What other advice do I have?

Arcsight was a technology we used for CM security information event management. We deployed it when I was an Information Security Senior Engineer in a company that provided electricity and water for Casablanca and neighboring cities. Arcsight was a requirement for the ISO27001 standard. It was a requirement because the company was certified. For the first audit, we presented the roadmap that contained the deployment of that kind of solution. After that, we launched an offering to different information system providers. We choose Arcsight as the CM solution. A requirement of our local…
Igor Dzakula
Vulnerability Assessor at Telenor Common Operation
Real User
Top 20
Mar 12, 2019
Can handle a huge amount of logs and we are able to create use cases to fit our needs

What is our primary use case?

We have several uses for this solution like retention storage. We use Logger for some queries since we are in Talco industries. We use it for IT, MSISDN, and mobile phone. For the SM we have communication for the infrastructures including security. Plus, we use ESM for prevention and for a couple of cases we use it for fraud prevention and some for the VIP members check.

Pros and Cons

  • "The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
  • "The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."

What other advice do I have?

I would rate it a nine out of ten. I wouldn't give any solution a perfect ten.
Learn what your peers think about ArcSight Logger. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
455,301 professionals have used our research since 2012.
Techconslt67
Technical Consultant at a tech services company with 11-50 employees
Consultant
Aug 19, 2019
User behavior analytics for investigating

What is our primary use case?

We use the on-premise version of ArcSight Logger.

Pros and Cons

  • "In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
  • "I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this."

What other advice do I have?

I would rate this solution as ten out of ten. Whenever I talk about the product I tell the user to start easy, not to take the whole package and to try to use it quickly. Start with the basics, then you can ramp up fluidly. Sometimes the client or customer wants to take it urgently so at that moment it will be more difficult to use. I prefer to take the product step by step.
Kalana Liyanage
Team Lead at a tech services company with 51-200 employees
Reseller
Top 5
Feb 21, 2020
Strong scalability options, Flexible log collection and has an easy setup

What is our primary use case?

We focus mainly on the enterprise market where the customers have the requirement for log management and compliance. And most of the time we propose ESM along with the logger for SIEM requirements. We have multiple Logger customers here in Sri Lanka where we've implemented and maintained solutions for them.

Pros and Cons

  • "In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
  • "I would rate the technical support only 5 out of 10. The technical support is not satisfactory."

What other advice do I have?

I would advise anyone looking to implement this solution to have a good understanding of your infrastructure and to verify your architecture. You should be able to get an idea of their road map for the next five years to just verify what sort of effect it will be making on your system. On a scale of one to ten, I would rate it an eight.
reviewer1290066
Founder & CEO at a security firm with 10,001+ employees
Real User
Top 10
Feb 24, 2020
A robust solution than can handle complex operations and analytics, but the reporting capabilities are limited

What is our primary use case?

ArcSight logger was used for storing your logs, long-term, in a structured way. You can search in it, you can structure your data in it, and you can generate simple reports.

Pros and Cons

  • "It's a robust, mature product and you can do some really complex operations and analytics."
  • "You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."

What other advice do I have?

We are involved with technology that allows us to solve problems for clients that they cannot solve themselves. These are often complex environments. This solution has still been in use over the past year. We have a client who has the full ArcSight Suite. We are working on a solution to phase out Logger in the coming year and replace it with Elastic or Splunk. We can replace ArcSight entirely by Splunk and use Elastic for fast search. We think that there is more progress in that platform. I would rate this solution a six out of ten.
CISO67
CISO at a financial services firm with 1,001-5,000 employees
Real User
Sep 16, 2019
An extremely customizable and scalable enterprise-level solution with great stability

What is our primary use case?

We primarily use the solution for monitoring all of our perimeter - from critical assets to less critical ones. It covers IT assets, networks, databases, servers, endpoints, etc.

Pros and Cons

  • "The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
  • "The solution should make it possible to integrate network analysis features."

What other advice do I have?

We are using the on-premises deployment model. There are people who say "Oh, ArcSight is losing its position and it's complex or it's not a good solution." I do not agree. I know that the biggest companies in the world are still working with ArcSight. It's the most comprehensive solution. It contains many features that are useful for enterprise-level organizations. If a company has a team that wants to go deeper and get the most features out of developing a real SOC, they should look for a very robust, scalable, multi-tenant solution. The solution should also be able to manage data analytics…
Ademayokun Daini
SOC Analyst at a tech services company with 11-50 employees
Real User
Top 20
Aug 20, 2019
Good searching with detailed display of firewall and Windows events

What is our primary use case?

We are a service provider and this solution is deployed on-premises for some of our customers. It is primarily used for firewall and Windows events.

Pros and Cons

  • "The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console."
  • "I would like to see better scheduling in the next release of this solution."

What other advice do I have?

This is a solution that is straightforward and easy to use. It is user-friendly and not complex. I would rate this solution an eight out of ten.
Msbh345
Senior Security Analyst at a government with 201-500 employees
Real User
Top 10
Mar 31, 2020
Good search capability that is simple to use

What is our primary use case?

We use this solution for archiving log feeds.

Pros and Cons

  • "The most valuable feature is the search capability, which is simple to use."
  • "We have had problems with archiving."

What other advice do I have?

I am the technical support person for all of our on-site components. My advice for anybody who is implementing this solution is to use ArcSight ESM to correlate the logs and display them on the dashboard. I would rate this solution an eight out of ten.
See 1 more ArcSight Logger Reviews