No more typing reviews! Try our Samantha, our new voice AI agent.

ArcSight Analytics vs LogRhythm UEBA [EOL] comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 26, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Analytics
Average Rating
6.8
Reviews Sentiment
6.7
Number of Reviews
15
Ranking in other categories
User Entity Behavior Analytics (UEBA) (18th)
LogRhythm UEBA [EOL]
Average Rating
7.2
Reviews Sentiment
6.5
Number of Reviews
12
Ranking in other categories
No ranking in other categories
 

Featured Reviews

reviewer1311453 - PeerSpot reviewer
Consultant at a tech vendor with 10,001+ employees
Good filtering and reporting tools but can be difficult to use
It can scale as needed. It's not a problem. There are different teams using it. We have CSOC, which is internal, which is onshore, then we have a security operations center that is offshore, which would be in India. The onshore team might be a group of three, and the offshore might be a group of five. Likely, we have eight to ten people in total using the product directly.
Venda E - PeerSpot reviewer
Cloud Option Engineer at a tech vendor with 10,001+ employees
Behavior analytics has improved insider threat detection and reduces false positives for our team
The best features LogRhythm UEBA [EOL] offers are its behavioral balancing, baselining, risk scoring, and correlation with SIEM events, and what stands out most is risk scoring, which gives clear visibility into which user behaviors are genuinely risky and helps our team to focus on the highest priority threats without drowning in noise. Risk scoring helps us to quickly identify which users' activity needs immediate attention by clearly ranking threats based on impact and likelihood; it changes our day-to-day operations by reducing time spent on low-risk alerts and allowing the team to prioritize investigations and response actions more effectively and consistently. LogRhythm UEBA [EOL] has positively impacted our organization by improving our ability to detect insider threats and compromised accounts earlier, resulting in better security visibility, reduced false positives, and faster investigations and response times, which helped the team operate more effectively with greater confidence. I observed a noticeable reduction in false positive alert volume, which shortened the investigation time per incident, improving the mean time to detect and respond, and helping identify high-risk user activities earlier, which prevented potential security incidents from escalating.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The correlation engine is good."
"The stability of the solution is perfect."
"This product improves visibility, whereas prior to implementing this solution there is no visibility."
"This solution allows us to identify connections for all users, and we can see the name, login time, IP address, and other information for each connection to each server."
"We have seen a measurable decrease, by about 20 percent, in the mean time to detect and respond to risks."
"Investigating an incident has become super easy and helpful."
"This solution makes it easy to create use cases, and it is easy to move queries from use cases to the report to the dashboard."
"Allows multiple integrations with multiple systems in a stable and flexible fashion."
"LogRhythm UEBA [EOL] has positively impacted our organization by improving our ability to detect insider threats and compromised accounts earlier, resulting in better security visibility, reduced false positives, and faster investigations and response times, which helped the team operate more effectively with greater confidence."
"I definitely think that it's good at finding things automatically, versus trying to define it."
"It has a lot of features. It has file integration monitoring."
"The capability of pinpointing specific cyber incidents is a valuable feature for us."
"The most valuable features are file activity monitoring and registry activity monitoring."
"Licensing is on a yearly basis, and it's not expensive compared to its competitors."
"I typically use the product for reducing cyber risk, and I can investigate attacks more quickly using machine learning tools."
"It is easy to monitor users and that is how the solution is adding value to our firm."
 

Cons

"It's a difficult product to navigate, it's complex."
"The ArcSight Analytic is not so easy."
"Network integration is very crucial, and you need to have the knowledge to get it done."
"The interactive dashboard is more complicated comparing to his concurrent Qradar and you need to have training in order to do complexe configuration, so I think that it could be made easier to use."
"The UX for the SOC analyst does not match that of the competitors, and therefore needs improvement."
"I would like to see orchestration."
"Customer service has not been up to the mark. They take longer than they should to resolve issues."
"You can use this solution for limited use cases. But for more advanced use cases, there are other solutions which are better than ArcSight."
"The cloud version is lacking and not up to par."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The solution is very expensive. There are also costs beyond the standard licensing fee."
"We're now exploring the cloud version but unfortunately we've found that they are lagging in that space."
"The UI could be improved a little bit."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The on-premises LogRhythm is not very scalable. When considering packets per second or the MPS needed for additional logs such as web application logs, scalability is usually found in cloud products."
 

Pricing and Cost Advice

"It can range between $30,000 and $40,000 USD, and can go up to $500,000 and $600,000 USD."
"The monthly licensing fee is around $20,000. There aren't any costs in addition to the standard licensing fee."
"In addition to the costs of standard licensing fees, there is the cost of labor for maintenance."
"My customers pay a yearly licensing fee for ArcSight Analytics."
"This solution is expensive."
"ArcSight Analytics is a bit expensive compared with other tools in terms of licensing costs, training, hardware implementation, and support."
"I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."
"LogRhythm UEBA's pricing is affordable for small and medium businesses."
"It is quite a budget-friendly product."
"The pricing is nice when compared to other products in the industry."
"As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."
"Licensing is on a yearly basis. It's not expensive compared to its competitors."
report
Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
21%
Marketing Services Firm
11%
Financial Services Firm
11%
Manufacturing Company
10%
Retailer
11%
Construction Company
10%
Financial Services Firm
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise4
Large Enterprise7
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise4
Large Enterprise4
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What needs improvement with LogRhythm UserXDR?
In general, if something needs to be improved in the algorithm, it would be the dashboards. The dashboards with solutions such as Splunk are very neat and clean. I would also like to improve the us...
What is your primary use case for LogRhythm UserXDR?
I typically use the product for reducing cyber risk, and I can investigate attacks more quickly using machine learning tools.
What advice do you have for others considering LogRhythm UserXDR?
I would not necessarily recommend LogRhythm due to its complexity and lack of modularity. I would always recommend Splunk to users since it is a powerful solution. Combining it with other solutions...
 

Also Known As

ArcSight User Behavior Analytics, ArcSight UBA
LogRhythm UserXDR, LogRhythm Enterprise UEBA
 

Overview

Find out what your peers are saying about Exabeam, One Identity, IBM and others in User Entity Behavior Analytics (UEBA). Updated: June 2026.
902,988 professionals have used our research since 2012.