No more typing reviews! Try our Samantha, our new voice AI agent.

ArcSight Logger vs CrowdStrike Observability comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
32nd
Average Rating
7.6
Reviews Sentiment
5.8
Number of Reviews
32
Ranking in other categories
No ranking in other categories
CrowdStrike Observability
Ranking in Log Management
22nd
Average Rating
8.0
Reviews Sentiment
4.9
Number of Reviews
8
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of ArcSight Logger is 0.9%, up from 0.7% compared to the previous year. The mindshare of CrowdStrike Observability is 0.9%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
CrowdStrike Observability0.9%
ArcSight Logger0.9%
Other98.2%
Log Management
 

Featured Reviews

MA
Sr. Cybersecurity Consultant IT/OT at EJADA
Compliance and cost-effectiveness have improved while critical infrastructure security adapts to evolving needs
ArcSight Logger fulfills compliance requirements and passes audit requirements. It is one of the Aramco standards requirements and is recommended by Aramco for any implementation. Aramco, SABIC, water companies, and electricity companies are critical infrastructure with air-gapped networks. In an air-gapped network, there is no communication going out from that network area to the outside world, even to the corporate network. ArcSight Logger is installed on minimal resources with minimal requirements. There are not many upgrades or new features that come up frequently, though they do occur occasionally.
HectorRios - PeerSpot reviewer
IT COMMUNICATIONS AND NETWORKS at Américas BPS
Has provided reliable alerts and helped identify infrastructure issues through detailed reporting
The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls. Additionally, they have the agent, but the presentation in the management console is excellent as we have observability end-to-end with the servers and all the services configured in the use cases. The intelligent alerting feature is excellent and configured on our console, being highly effective as it detects real alerts and just warnings or real issues. Identifying performance bottlenecks is important because they collect numerous MD5 or hash keys including movements or playbooks. The way they organize that in the console is excellent, allowing you to have reports detecting issues, which not only includes detection but also provides solutions to those issues.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a robust, mature product and you can do some really complex operations and analytics."
"It benefits the organization by identifying the threats ranging from the most basic ones to many advanced ones."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"We check a lot of logs in ArcSight Logger because we're running a massive database platform."
"The most important thing is the scalability of the product and its ease of use."
"ArcSight has improved incident response from days to minutes."
"As the name suggests, it's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"This is a solution that is straightforward and easy to use."
"The log aggregation and correlation of data are notable features that enhance our operations."
"I find the most effective feature of CrowdStrike Observability to be its cloud vision and attack surface vision, which enhance network traffic analysis."
"CrowdStrike Observability is a signature-less solution where you don't need to update your endpoints or the CrowdStrike Observability agents regularly, and it is completely based on AI and ML search engines."
"The intelligence database provided by CrowdStrike is very impressive."
"The dashboard and user interface of CrowdStrike Observability are quite good, and the support is responsive."
"CrowdStrike Observability offers strong predictive analytics capabilities, and the intelligent alerting system helps minimize noise and optimize IT resources effectively."
"In the logs and the trajectory, it shows detailed information about where the source of infection comes from, how it travels, and how to reach there."
"The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls."
 

Cons

"ArcSight has been sold two or three times, and the quality has decreased."
"The platform is quite expensive. They should reduce its cost."
"HP needs to work on the stability as it is mostly dependent on Java and there are console-related issues."
"The solution should make it possible to integrate network analysis features."
"Using the ArcSight Logger dashboard is not particularly intuitive or efficient, so it is important to be trained in its use."
"Overall, it is a good system for what we use it for, but some licensing parts are really annoying."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"The only drawback is that without ESM, you are limited."
"Integration with Huawei should be more straightforward."
"From the different deployments I have worked with, the shortcomings of CrowdStrike Observability are often because of what clients are able to share with CrowdStrike."
"The pricing is very high and small companies cannot afford it. They should reduce the price because the backend infrastructure is the same."
"The customer service is not satisfactory for me. The support is only available in English, and my users in LATAM regions such as Peru and Colombia require local language support, which is not currently provided."
"For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial. Currently, there is a default ninety-day backup period."
"The areas of CrowdStrike Observability that have room for improvement include the approach towards customer issues, where resolution takes time."
"Technical support received a rating of 4 out of 10."
"We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten."
 

Pricing and Cost Advice

"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"ArcSight is an expensive solution."
"I would rate the product a seven out of ten since it's an enterprise product."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"The pricing is quite harsh."
"We have a lifetime license, so we don't pay a monthly fee."
Information not available
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
11%
Financial Services Firm
9%
Manufacturing Company
9%
Comms Service Provider
7%
Computer Software Company
16%
Financial Services Firm
12%
Construction Company
11%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise9
Large Enterprise17
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise3
Large Enterprise3
 

Questions from the Community

What needs improvement with ArcSight Logger?
This decision is made by higher management as they don't want to have multiple solutions for one solution. ArcSight Logger themselves don't provide good support, but companies such as ours provide ...
What is your primary use case for ArcSight Logger?
We do work for multiple SIEM solutions such as Splunk, QRadar, LogRhythm. My team and I mostly work on ArcSight Logger and Splunk because we are dealing with projects related to these solutions. We...
What advice do you have for others considering ArcSight Logger?
As a department head, my staff uses my credentials and contacts everywhere. Only ArcSight Logger with Splunk was implemented in Aramco, not in other organizations. I rate ArcSight Logger 8 out of 10.
What needs improvement with CrowdStrike Observability?
The product at this moment is really good; CrowdStrike Observability is still working to improve it and they are including new features. At this time, I cannot provide an opinion about what else to...
What is your primary use case for CrowdStrike Observability?
We are currently finishing the configuration of the solution, making the playbooks and configurations with the use cases. From CrowdStrike Observability, we use all the solution including XDR and a...
What advice do you have for others considering CrowdStrike Observability?
We did not use Falcon Sandbox or Falcon Exposure Management. We are using a local partner and they have a marketplace, but we are working with a local partner from Google. We are just customers, no...
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
No data available
 

Overview

 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Information Not Available
Find out what your peers are saying about ArcSight Logger vs. CrowdStrike Observability and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.