We performed a comparison between USM Anywhere and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched."
"The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure."
"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."
"On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature."
"AlientVault has helped us in improving our visualization and incident response during cybersecurity situations."
"The asset management functionality (active and passive scans) is also really important. You can't protect what you do not know about, so having an inventory of all your devices and software is critical to a security management program."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."
"The root cause analysis feature is very valuable."
"One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."
"The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting."
"What I like is that you can have different storage locations for different applications."
"We use the on-premises version of this solution for log analysis and to find details about certain issues."
"The solution's simplicity, flexibility, and extensibility are valuable features as we can integrate everything in vRealize."
"It allows us to gain a comprehensive overview of our infrastructure."
"The lack of mature functionality and expertise in any of those areas is a strong negative."
"The GUI needs to improve because it's not user-friendly."
"The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case."
"AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days."
"It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product."
"The other thing is the agent is OSSEC. They needed to create its own agent to help to find threats on the devices that it happens to be installed."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
"It should be able to communicate with other security solutions to stop threats."
"It needs better integration with third-party analytics tools."
"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
"It's great for VMware, but it would be good if they had third-party logins."
"The solution is a very good tool, but it has a lot of limitations. One of the main issues is around how you define your retention policy, for instance, in Log Insight. It doesn't have it. You can't define a log retention policy. You also can't define the destination or location for your logs. All of the logs are in one index or one bucket."
"They should improve their web interface to make it more user-friendly."
"The pricing of the solution could be improved."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"Log retention should have more options for user control."
More VMware Aria Operations for Logs Pricing and Cost Advice →
USM Anywhere is ranked 15th in Log Management with 113 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. USM Anywhere is rated 8.4, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of USM Anywhere writes "Easy to use and affordable". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, Elastic Security, LogRhythm SIEM, Graylog and IBM Security QRadar. See our USM Anywhere vs. VMware Aria Operations for Logs report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
