Elastic Beats Competitors and Alternatives
Read reviews of Elastic Beats competitors and alternatives
Manager of Security Services at OpenText
Jan 9, 2020
We can build Activeboards that can do queries across multiple different types of data sources with one query
What is our primary use case? I run an incident response, digital forensics team for OpenText. We do investigations into cyber breaches, insider threats, network exploitation, etc. We leverage Devo as a central repository to bring in customer logging in a multi-tenant environment to conduct analysis and investigations. We have a continuous monitoring customer for whom we stream all of their logging in on sort of a traditional Devo setup. We build out the active boards, dashboards, and everything else. The customer has the ability to review it, but we review it as well, acting as a security managed service offering for…
Pros and Cons
- "Being able to build and modify dashboards on the fly with Activeboards streamlines my analyst time because my analysts aren't doing it across spreadsheets or five different tools to try to build a timeline out themselves. They can just ingest it all, build a timeline out across all the logging, and all the different information sources in one dashboard. So, it's a huge time saver. It also has the accuracy of being able to look at all those data sources in one view. The log analysis, which would take 40 hours, we can probably get through it in about five to eight hours using Devo."
- "Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."
What other advice do I have? Definitely get training and professional services hours with it. It is one of those tools where the more you know, the more you can do. Out-of-the-box, there is a lot of stuff that you can just do with very little training. However, to get to the really cool features and setups, you'll need the training and a bit of front-end assistance to make sure it's customized for your environment the right way. You need to have a tool of this capability in your environment, whether you're providing service for someone else or if it's your own internal environment that you're working in. It is a core…
Founder & CEO at a security firm with 10,001+ employees
Real User, Top 10
Feb 24, 2020
A robust solution that can handle complex operations and analytics, but the reporting capabilities are limited
What is our primary use case? ArcSight logger was used for storing your logs, long-term, in a structured way. You can search in it, you can structure your data in it, and you can generate simple reports.
Pros and Cons
- "It's a robust, mature product and you can do some really complex operations and analytics."
- "You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
What other advice do I have? We are involved with technology that allows us to solve problems for clients that they cannot solve themselves. These are often complex environments. This solution has still been in use over the past year. We have a client who has the full ArcSight Suite. We are working on a solution to phase out Logger in the coming year and replace it with Elastic or Splunk. We can replace ArcSight entirely by Splunk and use Elastic for fast search. We think that there is more progress in that platform. I would rate this solution a six out of ten.
Senior Specialist: IT Enterprise Systems at a comms service provider with 501-1,000 employees
Real User, Top 10
Feb 14, 2020
Good interface and log search functionality but could use better pricing
What is our primary use case? I primarily use the solution for a basic login switch. It's a centralized login server for us. When we have some incident or some log that we want to query, instead of querying directly to its server we analyze the logs and create our own specific queries.
Pros and Cons
- "The interface of the solution is good."
- "The pricing of the solution could be improved."