ArcSight Logger vs IBM Security QRadar comparison

Cancel
You must select at least 2 products to compare!
OpenText Logo
2,199 views|2,057 comparisons
80% willing to recommend
IBM Logo
15,094 views|9,166 comparisons
91% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between ArcSight Logger and IBM Security QRadar based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed ArcSight Logger vs. IBM Security QRadar Report (Updated: April 2024).
772,649 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The technical support team is good...It is a scalable solution.""ArcSight provides the basic information that we want.""In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer.""The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution.""It's an efficient solution.""The solution provides information about the risk factors.""We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.""It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."

More ArcSight Logger Pros →

"It provides many options for searching. I can see devices from different vendors, like Cisco, in one interface, which is good for me.""We have worked with other solutions, such as LogRhythm and Splunk. Compared to others, IBM QRadar has the best price-performance ratio so that you are able to reserve minimum costs. It starts settling in fast and gets the first results very quickly. It is also very scalable.""It'll get you from point A to B.""This solution has excellent security analytics.""We've found the solution to be scalable.""What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value.""The solution is easy to use, manage, and review all incidents.""Vulnerability detection is the most valuable feature. It's the tool that finds the threats."

More IBM Security QRadar Pros →

Cons
"The initial setup was a little bit complex.""You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose.""I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency.""ArcSight has been sold two or three times, and the quality has decreased.""I would rate the technical support only 5 out of 10. The technical support is not satisfactory.""The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved.""We find that the search and access functionality is quite slow.""The solution should make it possible to integrate network analysis features."

More ArcSight Logger Cons →

"I would like to see the update process simplified.""The usability of interfaces could be improved.""The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix.""The interface is very old. IBM should remake it into a more modern interface.""The solution is expensive compared to other products.""QRadar needs to be improved on the storage side, particularly when the disc exceeded the maximum threshold.""There could be better integration with the solution.""The Indian tech support is not helpful."

More IBM Security QRadar Cons →

Pricing and Cost Advice
  • "ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
  • "The pricing is quite harsh."
  • "It's not cheap at all as it's a big product and has been in the market for quite some time now."
  • "ArcSight is an expensive solution."
  • "I would rate the product a seven out of ten since it's an enterprise product."
  • "I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
  • "Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
  • "We have a lifetime license, so we don't pay a monthly fee."
  • More ArcSight Logger Pricing and Cost Advice →

  • "found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price."
  • "Most of the time, it is easier and cheaper to buy a new product or the QRadar box."
  • "IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
  • "IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
  • "Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost."
  • "It is expensive. It is not a product that I can provide for SMBs. It is a program that I can only provide for really large enterprises."
  • "The maintenance costs are high."
  • "Pricing (based on EPS) will be more accurate."
  • More IBM Security QRadar Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    772,649 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    Questions from the Community
    Top Answer: We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
    Top Answer:The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
    Top Answer:The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I think… more »
    Top Answer:It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information… more »
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Top Answer:The event collector, flow collector, PCAP and SOAR are valuable.
    Ranking
    28th
    out of 95 in Log Management
    Views
    2,199
    Comparisons
    2,057
    Reviews
    9
    Average Words per Review
    334
    Rating
    7.2
    6th
    out of 95 in Log Management
    Views
    15,094
    Comparisons
    9,166
    Reviews
    29
    Average Words per Review
    487
    Rating
    7.6
    Comparisons
    Also Known As
    Micro Focus Arcsight Logger, HPE Arcsight Logger
    IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar, IBM QRadar User Behavior Analytics, IBM QRadar Advisor with Watson
    Learn More
    Overview
    HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.

    IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.

    IBM Security QRadar is built to address a wide range of security issues and can be easily scaled with minimal customization effort required. As data is ingested, QRadar administers automated, real-time security intelligence to swiftly and precisely discover and prioritize threats. The platform will issue alerts with actionable, rich context into developing threats. Security teams and analysts can then rapidly respond to minimize the attackers' strike. The solution will provide a complete view of activity in both cloud-based and on-premise environments as a large amount of data is ingested throughout the enterprise. Additionally, QRadar’s anomaly detection intelligence enables security teams to identify any user behavior changes that could be indicators of potential threats. 

    IBM QRadar Log Manager

    To better help organizations protect themselves against potential security threats, attacks, and breaches, IBM QRadar Log Manager gathers, analyzes, preserves, and reports on security log events using QRadar Sense Analytics. All operating systems and applications, servers, devices, and applications are converted into searchable and actionable intelligent data. QRadar Log Manager then helps organizations meet compliance reporting and monitoring requirements, which can be further upgraded to QRadar SIEM for a more superior level of threat protection.

    Some of QRadar Log Manager’s key features include:

    • Data processing and capture on any security event
    • Disaster recovery options and high availability 
    • Scalability for large enterprises
    • SoftLayer cloud installation capability
    • Advanced threat protection

    Reviews from Real Users

    IBM Security QRadar is a solution of choice among users because it provides a complete solution for security teams by integrating network analysis, log management, user behavior analytics, threat intelligence, and AI-powered investigations into a single solution. Users particularly like having a single window into their network and its ability to be used for larger enterprises.

    Simon T., a cyber security services operations manager at an aerospace/defense firm, notes, "The most valuable thing about QRadar is that you have a single window into your network, SIEM, network flows, and risk management of your assets. If you use Splunk, for instance, then you still need a full packet capture solution, whereas the full packet capture solution is integrated within QRadar. Its application ecosystem makes it very powerful in terms of doing analysis."

    A management executive at a security firm says, "What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."

    Sample Customers
    China Merchants Bank, Bank AlJazira, Banca Intesa
    Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Government22%
    Comms Service Provider17%
    Computer Software Company6%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Government11%
    Comms Service Provider8%
    REVIEWERS
    Financial Services Firm23%
    Computer Software Company15%
    Comms Service Provider10%
    Security Firm6%
    VISITORS READING REVIEWS
    Educational Organization19%
    Computer Software Company15%
    Financial Services Firm10%
    Government6%
    Company Size
    REVIEWERS
    Small Business24%
    Midsize Enterprise30%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise65%
    REVIEWERS
    Small Business39%
    Midsize Enterprise15%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise30%
    Large Enterprise49%
    Buyer's Guide
    ArcSight Logger vs. IBM Security QRadar
    April 2024
    Find out what your peers are saying about ArcSight Logger vs. IBM Security QRadar and other solutions. Updated: April 2024.
    772,649 professionals have used our research since 2012.

    ArcSight Logger is ranked 28th in Log Management with 31 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. ArcSight Logger is rated 7.8, while IBM Security QRadar is rated 8.0. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". ArcSight Logger is most compared with Splunk Enterprise Security, Elastic Security, Wazuh, LogRhythm SIEM and syslog-ng, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Securonix Next-Gen SIEM. See our ArcSight Logger vs. IBM Security QRadar report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.