We performed a comparison between ArcSight Logger and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"We haven't had any crashes or bugs. It is stable."
"The machine learning is a good feature."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"It provides in-depth information on business activities once we log into the system."
"The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"It's an efficient solution."
"It's a robust, mature product and you can do some really complex operations and analytics."
"Elastic is straightforward, easy to integrate, and highly customizable."
"Elastic Security is very easy to adapt."
"The most valuable feature for me is Discover."
"Enables monitoring of application performance and the ability to predict behaviors."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"The scalability is good. It can be scaled easily in the production environment."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"The solution should make it possible to integrate network analysis features."
"I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this."
"I would like to see better scheduling in the next release of this solution."
"The solution could be improved in maintenance settings."
"The product's connectors should work better and the user manuals need an update."
"It would be better if the product is cheaper."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"In the next release, I want to see more intelligence."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"The solution could offer better reporting features."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
ArcSight Logger is ranked 29th in Log Management with 30 reviews while Elastic Security is ranked 5th in Log Management with 58 reviews. ArcSight Logger is rated 7.8, while Elastic Security is rated 7.6. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". ArcSight Logger is most compared with Splunk Enterprise Security, IBM Security QRadar, Wazuh, LogRhythm SIEM and VMware Aria Operations for Logs, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel and IBM Security QRadar. See our ArcSight Logger vs. Elastic Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.