We performed a comparison between ArcSight Logger and Graylog based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's a robust, mature product and you can do some really complex operations and analytics."
"We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist."
"It provides in-depth information on business activities once we log into the system."
"I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events."
"It's an efficient solution."
"ArcSight provides the basic information that we want."
"The technical support team is good...It is a scalable solution."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"This had increased productivity for the dev and support teams, because we are directly notifying them."
"I like the correlation and the alerting."
"The product is scalable. The solution is stable."
"The solution's most valuable feature is its new interface."
"I am very proud of how very stable the solution is."
"Open source and user friendly."
"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"We're using the Community edition, but I know that it has really good dashboarding and alerts."
"The solution should make it possible to integrate network analysis features."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"The integration with other systems could be improved."
"The platform is quite expensive. They should reduce its cost."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"The console in older versions is not user-friendly."
"We have had problems with archiving."
"The initial setup was a little bit complex."
"Graylog can improve the index rotation as it's quite a complex solution."
"There should be some user groups and an auto sign-in feature."
"I would like to see some kind of visualization included in Graylog."
"Dashboards, stream alerts and parsing could be improved."
"The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."
"Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable."
"We ran into problems with Elasticsearch throwing a circuit-breaking exception due to field data size being too large. It turned out that the heap size directly impacted this size in a high-throughput environment, causing unexplained instability in Graylog. We were able to troubleshoot on the Elasticsearch size, but we should have been able to reference some minimum requirements for Graylog to know that our settings weren't sufficient."
"With technical support, you are on your own without an enterprise license."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while Graylog is ranked 11th in Log Management with 18 reviews. ArcSight Logger is rated 7.8, while Graylog is rated 8.0. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". ArcSight Logger is most compared with Splunk Enterprise Security, IBM Security QRadar, Elastic Security and Wazuh, whereas Graylog is most compared with Grafana Loki, Wazuh, syslog-ng, Splunk Enterprise Security and Fortinet FortiAnalyzer. See our ArcSight Logger vs. Graylog report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.