We performed a comparison between ArcSight Intelligence and NNT Log Tracker Enterprise based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."
"We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way."
"The ability to tailor an environment to suit our specific use cases is a major advantage of ArcSight compared to other logging servers such as Splunk."
"The product has a valuable interface."
"The platform helps us improve threat detection capabilities."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"This is a very easy-to-use interface with a quick ramp-up time."
"The most valuable feature is the predefined reports for PCI compliance."
"File integrity monitoring is a very important function."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The playbook is a bit difficult and could be improved."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"The dashboard is not user-friendly and is in black and white."
"ArcSight Intelligence is a bit slower, and its speed should be improved."
"We haven't found the product fully scalable."
"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."
"ArcSight Intelligence's pricing needs improvement."
"The correlation suite needs to be improved."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
ArcSight Intelligence is ranked 33rd in Security Information and Event Management (SIEM) with 5 reviews while NNT Log Tracker Enterprise is ranked 42nd in Security Information and Event Management (SIEM) with 4 reviews. ArcSight Intelligence is rated 8.0, while NNT Log Tracker Enterprise is rated 8.2. The top reviewer of ArcSight Intelligence writes "A user-friendly solution that can be used to integrate the logs properly with different connectors". On the other hand, the top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". ArcSight Intelligence is most compared with ArcSight Enterprise Security Manager (ESM) and Exabeam Fusion SIEM, whereas NNT Log Tracker Enterprise is most compared with .
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.