We performed a comparison between ArcSight Logger and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events."
"The most valuable feature is the search capability, which is simple to use."
"We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist."
"It is one of the best products available in the market."
"The machine learning is a good feature."
"The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console."
"It's a robust, mature product and you can do some really complex operations and analytics."
"It's an efficient solution."
"It gives us the liberty to do more in terms of use cases."
"Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value."
"Three features stand out for me: the SDK for writing Python, the customizable and adaptable diagnostic dashboard, and the optimizer for collecting data."
"The initial setup is really straightforward. It's one of the easiest installations."
"One key advantage of Splunk over competitors like IBM QRadar is its superior device integration capabilities."
"The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing our troubleshooting overhead time."
"The dashboards are the most valuable feature. We like the ability to drill in and see what queries are under the dashboard, build new visualizations, edit the querying, and see the reports."
"To get visibility from your network devices, servers, and security devices is a great feature."
"The next release should have AI capabilities."
"The solution should make it possible to integrate network analysis features."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"The platform is quite expensive. They should reduce its cost."
"The product's connectors should work better and the user manuals need an update."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"We find that the search and access functionality is quite slow."
"It would be better if the product is cheaper."
"The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyze the data for use."
"The only thing which can be improved is that they are too subjective on whom their Splunk4Good initiative can be applied. They market it as you only need to be a nonprofit, but there is more to it."
"My company could benefit from doing more Splunk training with Splunk consultants teaching us how to use it."
"Splunk Enterprise Security could improve in automation, flexibility, and providing more content out of the box."
"Cybersecurity and infrastructure monitoring have room for improvement."
"When you get into large amounts of data, Splunk can get pretty slow. This is the same on-premise or AWS, it doesn't matter. The way that they handle large data sets could be improved."
"The solution could use a different licensing model."
"While there aren't any major areas where the solution has to be improved, there are certain integrations that are still not available. I would specifically like to see legacy applications integrated."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 244 reviews. ArcSight Logger is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". ArcSight Logger is most compared with IBM Security QRadar, Elastic Security, Wazuh, LogRhythm SIEM and VMware Aria Operations for Logs, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Fortinet FortiAnalyzer. See our ArcSight Logger vs. Splunk Enterprise Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.