Try our new research platform with insights from 80,000+ expert users

ArcSight Logger vs Wazuh comparison

OpenText and Wazuh are both solutions in the Log Management category. OpenText is ranked #45 with an average rating of 6.8, while Wazuh is ranked #1 with an average rating of 7.8. OpenText holds a 0.9% mindshare in Log Management, compared to Wazuh’s 9.4% mindshare. Additionally, 81% of OpenText users are willing to recommend the solution, compared to 81% of Wazuh users who would recommend it.
ArcSight Logger
Read 32 ArcSight Logger reviews
  • 1,430 Views
  • 1,430 Comparison Views
81% willing to recommend
Wazuh
Read 50 Wazuh reviews
  • 36,157 Views
  • 21,333 Comparison Views
81% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 30, 2025

ArcSight Logger and Wazuh are competitors in the log management and SIEM solutions category. ArcSight Logger has the upper hand in scalability and advanced analytics, making it suitable for large enterprises, while Wazuh's open-source model is beneficial for organizations seeking cost-effective solutions with good support from the community.

Features: ArcSight Logger is known for its high scalability, robust security analytics, and efficient log management. It supports large data volumes and offers real-time awareness and in-depth data visibility. Wazuh provides strong compliance features, flexibility in deployment across on-premises and cloud environments, and integrates well with various solutions. It offers effective endpoint monitoring though it lacks some advanced analytics features of ArcSight.

Room for Improvement: ArcSight Logger could improve in terms of user-friendliness, threat analytics, and faster query response. It also faces challenges with legacy device support and lacks advanced machine learning features. Wazuh needs enhancements in threat detection and security features, especially for larger enterprises, and could benefit from more automated features and better threat intelligence integration.

Ease of Deployment and Customer Service: ArcSight Logger primarily offers on-premises deployment, with substantial support but mixed reviews on responsiveness post-acquisition by Micro Focus. It requires specialized skills for effective management. Wazuh, offering flexible deployment options including cloud and hybrid environments, benefits from strong community support but may face challenges with direct support without additional costs.

Pricing and ROI: ArcSight Logger is often seen as expensive, but its scalability and security features justify its cost, providing a positive ROI for enterprises. The setup and license fees are significant. Wazuh's open-source nature offers a cost-effective alternative with minimal initial costs and no licensing fees, though hidden costs like resource investment and support can affect ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Logger vs. Wazuh Report (Updated: December 2025).
Buyer's Guide
ArcSight Logger vs. Wazuh
December 2025
Download the complete report
Helped 879,768 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
1.0
ArcSight Logger is valued for ease of use, aiding fraud investigation, and seen as cost-effective despite licensing costs.
Sentiment score
3.7
Wazuh offers cost-effective security, reducing detection to an hour and response to two days, benefiting small businesses.
No quotes available
For more quotes and insights, download the ArcSight Logger report
I have seen value in security cost savings with Wazuh, as using proprietary EDR versions could save us substantial money.
Ebenezer Okoh
Security Consultant at ebenezer.okoh@agorasecurity.it
For more quotes and insights, download the Wazuh report
 

Customer Service

Sentiment score
5.8
ArcSight Logger support is generally helpful, but technical assistance quality varies, with community reliance and time zone issues noted.
Sentiment score
3.5
Users generally praise Wazuh's support, highlighting strong customer service and useful community resources, despite occasional delays in response times.
We provide pre-implementation, implementation, and post-implementation support.
Mohammed Shoaib Abdulla
Sr. Cybersecurity Consultant IT/OT at EJADA
For more quotes and insights, download the ArcSight Logger report
They responded quickly, which was crucial as I was on a time constraint.
reviewer2711757
Cyber Security Software Engineer at a tech services company with 11-50 employees
We use the open-source version of Wazuh, which does not provide paid support.
reviewer2590542
Tech Lead at a tech vendor with 201-500 employees
The documentation is good and provides clear instructions, though it's targeted at those with technical backgrounds.
Sandip_Patel
Student at Dakota State University
For more quotes and insights, download the Wazuh report
MA
reviewer2711757 - PeerSpot reviewerreviewer2590542 - PeerSpot reviewerSandip_Patel - PeerSpot reviewer
 

Scalability Issues

Sentiment score
6.2
ArcSight Logger offers scalable solutions for enterprises, though smaller setups may face performance and storage issues at high loads.
Sentiment score
6.7
Wazuh is scalable and flexible, but deployment complexity and technical expertise are needed for handling large data sets.
No quotes available
For more quotes and insights, download the ArcSight Logger report
It can accommodate thousands of endpoints on one instance, and multiple instances can run for different clients.
Sean-Cox
Security Operations Center Analyst at mailbox.org
Currently, I don't see any limitations in terms of scalability as Wazuh can still connect many endpoints.
Ebenezer Okoh
Security Consultant at ebenezer.okoh@agorasecurity.it
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
reviewer2590542
Tech Lead at a tech vendor with 201-500 employees
For more quotes and insights, download the Wazuh report
SC
Ebenezer Okoh - PeerSpot reviewerreviewer2590542 - PeerSpot reviewer
 

Stability Issues

Sentiment score
8.4
ArcSight Logger is mostly stable and reliable but experiences occasional disruptions during DDoS attacks and major upgrades.
Sentiment score
6.2
Wazuh is generally stable, though updates may cause issues; proper maintenance and installation minimize potential disruptions.
No quotes available
For more quotes and insights, download the ArcSight Logger report
The stability of Wazuh is strong, with no issues stemming from the solution itself.
reviewer2590542
Tech Lead at a tech vendor with 201-500 employees
The stability of Wazuh is largely dependent on maintenance.
Sean-Cox
Security Operations Center Analyst at mailbox.org
The indexer frequently times out, requiring system restarts.
reviewer2711757
Cyber Security Software Engineer at a tech services company with 11-50 employees
For more quotes and insights, download the Wazuh report
reviewer2590542 - PeerSpot reviewer
SC
reviewer2711757 - PeerSpot reviewer
 

Room For Improvement

ArcSight Logger requires UI improvements, more connectors, enhanced analytics, better integration, indexing, scalability, and cost efficiency.
Wazuh needs user interface improvements, scalability, integration, enhanced cloud security, better documentation, and reduced resource consumption for effectiveness.
Splunk does much more than SIEM, including log analysis, user behavior analysis, threat intelligence, and customer behavior analysis.
Mohammed Shoaib Abdulla
Sr. Cybersecurity Consultant IT/OT at EJADA
For more quotes and insights, download the ArcSight Logger report
Machine learning is needed along with understanding user behavior and behavioral patterns.
Rajin Sandira
Engineer - Information Security at N-Able (Pvt) Ltd
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
reviewer2590542
Tech Lead at a tech vendor with 201-500 employees
I think Wazuh should improve by introducing AI functionalities, as it would be beneficial to see AI incorporated in the threat hunting and detection functionalities.
Ebenezer Okoh
Security Consultant at ebenezer.okoh@agorasecurity.it
For more quotes and insights, download the Wazuh report
MA
RS
reviewer2590542 - PeerSpot reviewerEbenezer Okoh - PeerSpot reviewer
 

Setup Cost

ArcSight Logger is costly and complex, yet valued for capabilities and scalability despite competitive pricing and setup challenges.
Wazuh is a cost-effective open-source platform with optional managed services and support, emphasizing affordability for enterprises.
No quotes available
For more quotes and insights, download the ArcSight Logger report
Wazuh is completely free of charge.
Ebenezer Okoh
Security Consultant at ebenezer.okoh@agorasecurity.it
I would definitely recommend Wazuh, especially considering Fortinet's licensing model which is confusing and overpriced in my opinion.
Rajin Sandira
Engineer - Information Security at N-Able (Pvt) Ltd
Totaling around two lakh Indian rupees per month.
reviewer2590542
Tech Lead at a tech vendor with 201-500 employees
For more quotes and insights, download the Wazuh report
Ebenezer Okoh - PeerSpot reviewer
RS
reviewer2590542 - PeerSpot reviewer
 

Valuable Features

ArcSight Logger excels in scalability, performance, integration, and ease of use, providing powerful search and compliance features.
Wazuh offers cost-effective, flexible security solutions with features like SIEM, EDR, and compliance management for diverse environments.
ArcSight Logger installs on very minimal resources with very few requirements
Mohammed Shoaib Abdulla
Sr. Cybersecurity Consultant IT/OT at EJADA
For more quotes and insights, download the ArcSight Logger report
Wazuh is a SIEM tool that is highly customizable and versatile.
Sean-Cox
Security Operations Center Analyst at mailbox.org
The system allows us to monitor endpoints effectively and collect security data that can be utilized across other platforms such as SOAR.
Ebenezer Okoh
Security Consultant at ebenezer.okoh@agorasecurity.it
With this open source tool, organizations can establish their own customized setup.
reviewer2711757
Cyber Security Software Engineer at a tech services company with 11-50 employees
For more quotes and insights, download the Wazuh report
MA
SC
Ebenezer Okoh - PeerSpot reviewerreviewer2711757 - PeerSpot reviewer
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
45th
Average Rating
7.6
Reviews Sentiment
5.8
Number of Reviews
32
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Log Management
1st
Average Rating
7.4
Reviews Sentiment
6.1
Number of Reviews
50
Ranking in other categories
Security Information and Event Management (SIEM) (2nd), Extended Detection and Response (XDR) (5th)
 

Mindshare comparison

As of January 2026, in the Log Management category, the mindshare of ArcSight Logger is 0.9%, up from 0.8% compared to the previous year. The mindshare of Wazuh is 9.4%, down from 15.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Market Share Distribution
ProductMarket Share (%)
Wazuh9.4%
ArcSight Logger0.9%
Other89.7%
Log Management
 

Featured Reviews

MA
Mohammed Shoaib Abdulla
Sr. Cybersecurity Consultant IT/OT at EJADA
Compliance and cost-effectiveness have improved while critical infrastructure security adapts to evolving needs
ArcSight Logger fulfills compliance requirements and passes audit requirements. It is one of the Aramco standards requirements and is recommended by Aramco for any implementation. Aramco, SABIC, water companies, and electricity companies are critical infrastructure with air-gapped networks. In an air-gapped network, there is no communication going out from that network area to the outside world, even to the corporate network. ArcSight Logger is installed on minimal resources with minimal requirements. There are not many upgrades or new features that come up frequently, though they do occur occasionally.
Read full review
RS
Rajin Sandira
Engineer - Information Security at N-Able (Pvt) Ltd
Has faced limitations in AI capabilities and pricing flexibility
Pricing-wise, Wazuh stands out, along with deployment flexibility and its documentation which is extremely good in comparison to Forti. The community support is also incredible. They have helped quite a bit because previously, we had a separate tool and management dashboard to do our compliance. With Wazuh, we receive that information without having to do anything extra. We just set up the SIEM and all of that information was automatically populated. The dashboards are very easy to understand and very quick with no lag or delay. I have experienced delays on Forti's dashboards, but not with Wazuh. Wazuh is quite good. In comparison to Forti, they are quite similar. They are very good at detection.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
See recommendations
879,768 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Computer Software Company
10%
Manufacturing Company
7%
Healthcare Company
6%
Computer Software Company
14%
Comms Service Provider
10%
University
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise10
Large Enterprise16
By reviewers
Company SizeCount
Small Business27
Midsize Enterprise15
Large Enterprise8
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
See all answers
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
See all answers
What needs improvement with ArcSight Logger?
This decision is made by higher management as they don't want to have multiple solutions for one solution. ArcSight Logger themselves don't provide good support, but companies such as ours provide ...
See all answers
What do you like most about Wazuh?
Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...
See all answers
What needs improvement with Wazuh?
The lack of AI features is an issue at the moment in the industry. Forti provides user behavior capabilities, which I would want to see in Wazuh. In FortiSIEM, they provide user behavior understand...
See all answers
What is your primary use case for Wazuh?
At the moment, I'm working in software integration, so we are working with FortiGate. To research and get an idea, I did some investigation into Wazuh. They have already used Fortinet products. The...
See all answers
 

Comparisons

Splunk Enterprise Security vs ArcSight Logger Logo
Splunk Enterprise Security vs ArcSight Logger
Compared 28% of the time
IBM Security QRadar vs ArcSight Logger Logo
IBM Security QRadar vs ArcSight Logger
Compared 26% of the time
Elastic Security vs ArcSight Logger Logo
Elastic Security vs ArcSight Logger
Compared 13% of the time
LogRhythm SIEM vs ArcSight Logger Logo
LogRhythm SIEM vs ArcSight Logger
Compared 7% of the time
Graylog Enterprise vs ArcSight Logger Logo
Graylog Enterprise vs ArcSight Logger
Compared 5% of the time
More ArcSight Logger Competitors
Security Onion vs Wazuh Logo
Security Onion vs Wazuh
Compared 11% of the time
Elastic Stack vs Wazuh Logo
Elastic Stack vs Wazuh
Compared 10% of the time
Graylog Enterprise vs Wazuh Logo
Graylog Enterprise vs Wazuh
Compared 6% of the time
Splunk Enterprise Security vs Wazuh Logo
Splunk Enterprise Security vs Wazuh
Compared 5% of the time
Elastic Security vs Wazuh Logo
Elastic Security vs Wazuh
Compared 4% of the time
More Wazuh Competitors
 

Product Reports

Buyer's Guide
ArcSight Logger
January 2026
ArcSight Logger reportDownload ArcSight Logger product report
Buyer's Guide
Wazuh
December 2025
Wazuh reportDownload Wazuh product report
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
Wazuh All-In-One Deployment
 

Overview

HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.
OpenText

Wazuh offers an open-source platform designed for seamless integration into diverse environments, making it ideal for enhancing security infrastructure. Its features include log monitoring, compliance support, and real-time threat detection, providing effective cybersecurity management.

Wazuh stands out for its ability to integrate easily with Kubernetes, cloud-native infrastructures, and various SIEM platforms like ELK. It features robust MITRE ATT&CK correlation, comprehensive log monitoring capabilities, and detailed reporting dashboards. Users benefit from its file integrity monitoring and endpoint detection and response (EDR) capabilities, which streamline compliance and vulnerability assessments. While appreciated for its customization and easy deployment, room for improvement exists in scalability, particularly in the free version, and in areas such as threat intelligence integration, cloud integration, and container security. The platform is acknowledged for its strong documentation and technical support.

What are the key features of Wazuh?
  • MITRE ATT&CK Correlation: Streamlines threat analysis by correlating security data with known attack patterns.
  • Log Monitoring: Provides continuous oversight of log data to enhance security insights.
  • SIEM and ELK Integration: Simplifies centralization of security events and analytics.
  • Kubernetes Support: Ensures security measures align with containerized environments.
  • File Integrity Monitoring: Alerts on unauthorized changes to critical files.
  • Endpoint Detection and Response: Identifies and mitigates endpoint threats efficiently.
  • Compliance and Benchmarking: Built-in rules assist in meeting regulatory standards.
What benefits and ROI should users look for?
  • Cost-Effectiveness: Offers an affordable open-source security solution tailored for extensive customization.
  • Customization: Users can adjust features to fit unique security requirements.
  • Scalability: Facilitates growth by adapting to expanding security needs.
  • Comprehensive Support: Backed by detailed documentation and technical expertise.
  • Regulatory Compliance: Helps maintain adherence to industry-specific regulations.

In industries like finance, healthcare, and technology, Wazuh is utilized for its capabilities in log aggregation, threat detection, and vulnerability management. Companies often implement its features to ensure compliance with stringent regulations and to enhance security practices across cloud environments. By leveraging its integration capabilities, organizations can achieve unified security management, ensuring comprehensive protection of their digital assets.

Wazuh
 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Information Not Available
Buyer's Guide
ArcSight Logger vs. Wazuh
December 2025
Free Report: ArcSight Logger vs. Wazuh
Find out what your peers are saying about ArcSight Logger vs. Wazuh and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,768 professionals have used our research since 2012.
See our ArcSight Logger vs. Wazuh report.
See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.