We performed a comparison between ArcSight Logger and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The ability to customize the solution in great detail is its most valuable feature. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"The log digestion features from threat intelligence platforms like Recorded Future or Talos are valuable."
"We check a lot of logs in ArcSight Logger because we're running a massive database platform."
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"It provides in-depth information on business activities once we log into the system."
"The solution provides information about the risk factors."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"Some of the most valuable features I really appreciate are the performance, how quick the solution is, and how easy it is to create a query."
"The correlation capabilities are the first value that our clients say they like with Splunk."
"Compared to IBM QRadar, Splunk Enterprise Security offers faster alert resolution."
"Integrity with many vendors: This simplifies the implementation and integration with different devices."
"It is very scalable."
"Splunk's schema on demand is incredibly useful. I do not have to worry about what my users will need when we onboard their data."
"We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much better. Real-time errors, which were buried in emails before now, surfaced up on dashboards."
"Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize."
"The graph visualization is the most valuable feature."
"We have had problems with archiving."
"The platform is quite expensive. They should reduce its cost."
"I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."
"The product's connectors should work better and the user manuals need an update."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"The next release should have AI capabilities."
"The initial setup was a little bit complex."
"The solution should make it possible to integrate network analysis features."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"This is not really a monitoring solution."
"Splunk could have more built-in use case presets that customers can build on and customize."
"Integrating tools and creating use cases could be easier. It's hard for a junior security engineer with only a couple of years of experience to write use cases. They can do it, but it's much easier in a solution like IBM QRadar. Setting conditions is like a multiple-choice type of thing. It's a more user-friendly process."
"Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote consulting support. They have a wonderful solution. They have 24/7 security. Nobody needs to depend on any third party and will therefore just buy Splunk on the cloud."
"Splunk Enterprise Security has not helped reduce our alert volume."
"I would like some additional AI capabilities to provide additional information about things going wrong and things going well."
"The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc."
ArcSight Logger is ranked 29th in Log Management with 30 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. ArcSight Logger is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". ArcSight Logger is most compared with IBM Security QRadar, Elastic Security, Wazuh, LogRhythm SIEM and VMware Aria Operations for Logs, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Graylog. See our ArcSight Logger vs. Splunk Enterprise Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.