We performed a comparison between ArcSight Logger and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Our return on investment for implementing ArcSight Logger over the past 12 months has been positive."
"The solution provides information about the risk factors."
"We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist."
"It provides in-depth information on business activities once we log into the system."
"The log digestion features from threat intelligence platforms like Recorded Future or Talos are valuable."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"It's a robust, mature product and you can do some really complex operations and analytics."
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"ELK documentation is very good, so never needed to contact technical support."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"Elastic is straightforward, easy to integrate, and highly customizable."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"It is scalable."
"The most valuable feature is the ability to collect authentication information from service providers."
"It's simple and easy to use."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"ArcSight has been sold two or three times, and the quality has decreased."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"It would be better if the product is cheaper."
"The solution should make it possible to integrate network analysis features."
"We have had problems with archiving."
"I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."
"In the next release, I want to see more intelligence."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"Upgrades are currently released as stacks when they should be a plugin or an extension to save removal and reinstallation."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while Elastic Security is ranked 5th in Log Management with 59 reviews. ArcSight Logger is rated 7.8, while Elastic Security is rated 7.6. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". ArcSight Logger is most compared with Splunk Enterprise Security, IBM Security QRadar, Wazuh, LogRhythm SIEM and VMware Aria Operations for Logs, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Rapid7 InsightIDR. See our ArcSight Logger vs. Elastic Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.