The simplicity of the solution is the most valuable aspect of the product.

The product is quite mature. It's been around for a long time.

The integration is easy for the most part.

The solution is very good at consolidating logs from a variety of sources.

The solution is pretty stable.

The solution can scale.

The user interfaces are quite good and speedy, and I like the consoles too. The typology and the setup are also good. It's very similar to QRadar, so it's user friendly although I believe QRadar rates better. 

It is a very useful tool for intelligence building because it has many use cases and many rule sets.

The solution offers very good monitoring.

The product's log management and event management capabilities are excellent.

There are a lot of really good analytical components. It helps us focus on analysis.

The reports that we are from getting from ArcSight are very valuable. The reporting in ArcSight is good. Our regulators ask us for the reports on a regular basis, and we have been able to provide the required data.

Its overall functionality in terms of log analysis and the speed at which it does that is also valuable. It is very quick. Whatever alerts we had configured were extremely fast. We immediately get alerts when there is unauthorized access or unknown access, or even positive access. This is where we found the difference between ArcSight and other solutions.

The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic.

The features I found most important in this solution are artificial intelligence and correlation tools. Machine learning which was recently added to the platform is also an important feature.

The most valuable feature is the real-time alerts. We're also currently looking to incorporate some of the SOAR capabilities that are new to the platform.

The feature that I have found the most useful is that it can be deployed to the cloud.

The most useful features are directories, price, and live reporting.

Corelation Engine by corelating the cross domain logs.

I think the correlation feature is one of the best features of ArcSight.

I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me.

The solution has a good dashboard, very good real-time reporting and it's easy to use, offering simplicity for implementation and operations.

There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive. 

The most valuable features are lists, correlation, escalation matrix, and customers.