We performed a comparison between ArcSight Logger and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"It's an efficient solution."
"It provides in-depth information on business activities once we log into the system."
"ArcSight provides the basic information that we want."
"We check a lot of logs in ArcSight Logger because we're running a massive database platform."
"I like that the solution is on top of the Kubernetes stack."
"It is a stable solution."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"Its cost-effectiveness is the most valuable aspect."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"ArcSight has been sold two or three times, and the quality has decreased."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"It is really difficult to work in ArcSight Logger, as it is very slow."
"We have had problems with archiving."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"The solution must provide readymade connectors for different applications."
"I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."
"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"We would like to see more improvements on the cloud."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"Integration with Vyara could be better."
"While it is scalable, it can suffer from reduced latencies."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. ArcSight Logger is rated 7.8, while Wazuh is rated 7.4. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". ArcSight Logger is most compared with Splunk Enterprise Security, IBM Security QRadar, Elastic Security, LogRhythm SIEM and syslog-ng, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and Graylog. See our ArcSight Logger vs. Wazuh report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.