ArcSight Logger reviews, rating and features 2022

ArcSight Logger OverviewUNIXBusinessApplication
Price:

ArcSight Logger is #25 ranked solution in Log Management Software. PeerSpot users give ArcSight Logger an average rating of 8 out of 10. ArcSight Logger is most commonly compared to Splunk: ArcSight Logger vs Splunk. ArcSight Logger is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 25% of all views.

Buyer's Guide

Download the Log Management Buyer's Guide including reviews and more. Updated: June 2022

What is ArcSight Logger?

HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.

ArcSight Logger was previously known as Micro Focus Arcsight Logger, HPE Arcsight Logger.

ArcSight Logger Customers

China Merchants Bank, Bank AlJazira, Banca Intesa

ArcSight Logger Video

ArcSight Logger Pricing Advice

What users are saying about ArcSight Logger pricing:

"It's not cheap at all as it's a big product and has been in the market for quite some time now."

"The pricing is quite harsh."

ArcSight Logger Reviews

reviewer1625799

Security Professional at a tech services company with 501-1,000 employees

Jul 27, 2021

Download

Has very fast search operations but is not easy to implement and maintain

Pros and Cons

"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."

"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."

What is our primary use case?

Our primary use case was to catch malicious activity happening inside our organization.

What is most valuable?

As the name suggests, it's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data. The search operations are very fast, and you can get reports very easily for a huge number of events. You can export the search operations. It's very easy when you want to further forward the logs as well. For example, from the end device if I'm receiving logs in an outside logger and I want to forward those to some other product, which will do something for me, I can easily do it. That's one thing that I like about it.

What needs improvement?

It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult. There is a storage problem, and some improvement can be made at the search mechanism. If you want to do a search, then you have to obtain a couple of criteria to get the exact amount of data. Let's say you have hundreds and thousands of servers in your environment, which will ultimately populate billions of events in a single day, especially the network devices. In this case, if you want to search a specific event, you have to be very, very specific with that query. That's something that can be generalized a bit. Apart from that, it's a very complex tool and is not easy to implement and maintain. It requires a dedicated team. Another thing that I think can be improved is the performance issue. When you are ingesting data in ArcSight and also you are forwarding the data from ArcSight to some other products, I have seen some performance issues. ArcSight, does not perform well in this case. It takes time to process the data. The load is too much. At times, the logger crashes. The UI can be improved as well.

For how long have I used the solution?

I used it for close to two years.

Find out what your peers are saying about Micro Focus, Elastic, Splunk and others in Log Management. Updated: June 2022.

DOWNLOAD NOW

610,336 professionals have used our research since 2012.

What do I think about the stability of the solution?

The overall stability is good, and I'd rate it as fine.

What do I think about the scalability of the solution?

To scale it, it again comes down to how are you using it. You need to identify the areas which are taking too much load or requiring too many resources from the logger. Area identification needs to be there. Once you do that, then it is easier to scale. If you are not looking at the right place, then it would be difficult to scale because the bigger the organization, the bigger is the architecture of ArcSight Logger. This is because you need to have multiple loggers so that ArcSight Logger can withhold all the data that I want to feed into it. We had 20 to 30 users who used ArcSight Logger logger on a daily basis.

How are customer service and support?

Technical support is good. Depending on the agreement with the vendor, such as gold support, platinum support, etc., the support can differ. However, overall, it is good.

How was the initial setup?

The initial setup is complex.

What about the implementation team?

We got help from the vendor during implementation. Without the vendor's help, I would say it's very, very difficult to implement ArcSight Logger and maintain. It's a very complex tool, so we need to have vendor support for implementation.

What's my experience with pricing, setup cost, and licensing?

It's not cheap at all as it's a big product and has been in the market for quite some time now.

What other advice do I have?

I would recommend ArcSight Logger and rate it at seven on a scale from one to ten.

Which deployment model are you using for this solution?

On-premises

Disclosure: I am a real user, and this review is based on my own experience and opinions.

ShilpaSingh

Security Engineer at a tech services company with 1,001-5,000 employees

Mar 15, 2021

Download

High performance, easy query creation, and straightforward documents

Pros and Cons

"Some of the most valuable features I really appreciate are the performance, how quick the solution is, and how easy it is to create a query."

"The solution could be improved in maintenance settings."

What is most valuable?

Some of the most valuable features I really appreciate are the performance, how quick the solution is, and how easy it is to create a query. Additionally, it is user friendly and the automatic graph creation feature is beneficial.

What needs improvement?

The solution could be improved in maintenance settings.

Some of the additional features I would like to see in the next release is an automated dashboard of the logs that has information that is more detailed.

For how long have I used the solution?

I have used this solution for one and a half years.

What do I think about the stability of the solution?

It is a stable solution.

What do I think about the scalability of the solution?

It is a scalable solution.

How are customer service and technical support?

The technical support is very good providing accurate answers and I have never experienced problems with them.

How was the initial setup?

The initial setup to be straightforward, you just have to stick to the documents and it is really easy.

What about the implementation team?

My current deployment was not a complex environment. It was very easy to deploy and connect with the different connectors. I had deployed the solution approximately three times in my career.

With a complex environment, the deployment was approximately two days whereas with a really complex environment the setup would require around 15-20 connectors.

What other advice do I have?

I would recommend it to others because the performance of the solution is overall great. One of the significant features are its high search capacity and if you know the query language you will be more comfortable.

I rate ArcSight Logger a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Find out what your peers are saying about Micro Focus, Elastic, Splunk and others in Log Management. Updated: June 2022.

DOWNLOAD NOW

610,336 professionals have used our research since 2012.

reviewer1481982

Senior Information Security Analyst – GRC at a transportation company with 1,001-5,000 employees

Feb 20, 2021

Download

Expensive with poor support, but it gives us the basic information we want

Pros and Cons

"ArcSight provides the basic information that we want."

"The integration with other systems could be improved."

What is our primary use case?

We have just upgraded to Splunk, so we're currently in the process of converting everything over from ArcSight to Splunk.

What is most valuable?

ArcSight provides the basic information that we want.

What needs improvement?

The support structure is not very good.

They are not 100% up to date with the current technology.

ArcSight does not provide the advanced details that we require.

AI and analytics are one of the major things that are needed for better analysis.

The integration with other systems could be improved.

The interface could be improved with a better GUI.

For how long have I used the solution?

The company has been using ArcSight Logger for between six and seven years. I joined the company six months ago, which was my first experience with it.

What do I think about the stability of the solution?

The stability is alright.

What do I think about the scalability of the solution?

Scaling this product is painful.

Staff-wise, we're not very big but scale-wise, we're right across the whole world. We operate in EMEA, Mexico, and APAC.

How are customer service and technical support?

We are not satisfied with the support.

Which solution did I use previously and why did I switch?

We are now using Splunk and are moving away from ArcSight.

What's my experience with pricing, setup cost, and licensing?

The pricing is quite harsh.

What other advice do I have?

I would rate this solution a five out of ten.

Which deployment model are you using for this solution?

On-premises

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Read archived reviews (2+ years old)

Buyer's Guide

Download our free Log Management Report and find out what your peers are saying about Micro Focus, Elastic, Splunk, and more!

Updated: June 2022

DOWNLOAD NOW

Product Categories

Log Management