ArcSight Logger and Elastic Observability are two prominent solutions in the data monitoring and analysis category. Elastic Observability is often seen as superior due to its feature-rich offerings and flexibility, despite ArcSight Logger's notable security strengths.
Features: ArcSight Logger is known for strong security, compliance features, and seamless integration within large enterprises. Elastic Observability stands out with scalability, advanced search capabilities, and real-time analytics, offering agility across various situations. ArcSight focuses on security, whereas Elastic emphasizes flexibility and analytical depth.
Room for Improvement: ArcSight Logger could enhance integration with modern data sources and increase flexibility. Elastic Observability users mention the need for improved performance in large data environments and more user customization options. ArcSight's adaptation to new technologies and Elastic’s data performance optimization are key focus areas.
Ease of Deployment and Customer Service: ArcSight Logger has a structured deployment model, which some find complex but is backed by reliable customer service. Elastic Observability offers straightforward deployment with effective support, emphasizing ease over structure.
Pricing and ROI: ArcSight Logger has higher setup costs, with users reporting strong long-term ROI aligned with security benefits. Elastic Observability provides competitive pricing, offering robust ROI via data processing efficiency. ArcSight’s security benefits justify its costs, while Elastic offers cost-effective data management.
We provide pre-implementation, implementation, and post-implementation support.
Elastic Observability seems to have a good scale-out capability.
What is not scalable for us is not on Elastic's side.
It is very stable, and I would rate it ten out of ten based on my interaction with it.
Elastic Observability is really stable.
Splunk does much more than SIEM, including log analysis, user behavior analysis, threat intelligence, and customer behavior analysis.
For instance, if you have many error logs and want to create a rule with a custom query, such as triggering an alert for five errors in the last hour, all you need to do is open the AI bot, type this question, and it generates an Elastic query for you to use in your alert rules.
It lacked some capabilities when handling on-prem devices, like network observability, package flow analysis, and device performance data on the infrastructure side.
Elastic Observability could improve asset discovery as the current requirement to push the agent is not ideal.
Elastic Observability is cost-efficient and provides all features in the enterprise license without asset-based licensing.
Observability is actually cheaper compared to logs because you're not indexing huge blobs of text and trying to parse those.
The license is reasonably priced, however, the VMs where we host the solution are extremely expensive, making the overall cost in the public cloud high.
ArcSight Logger installs on very minimal resources with very few requirements
the most valued feature of Elastic is its log analytics capabilities.
The most valuable feature is the integrated platform that allows customers to start from observability and expand into other areas like security, EDR solutions, etc.
Every integration, whether for Windows or Linux or even Palo Alto or Fortinet, installs the out-of-the-box dashboards along with it, making it easy to parse incoming data meaningfully and immediately start viewing dashboards to see what's happening in the platform.
Elastic Observability is primarily used for monitoring login events, application performance, and infrastructure, supporting significant data volumes through features like log aggregation, centralized logging, and system metric analysis.
Elastic Observability employs Elastic APM for performance and latency analysis, significantly aiding business KPIs and technical stability. It is popular among users for system and server monitoring, capacity planning, cyber security, and managing data pipelines. With the integration of Kibana, it offers robust visualization, reporting, and incident response capabilities through rapid log searches while supporting machine learning and hybrid cloud environments.
What are Elastic Observability's key features?Companies in technology, finance, healthcare, and other industries implement Elastic Observability for tailored monitoring solutions. They find its integration with existing systems useful for maintaining operation efficiency and security, particularly valuing the visualization capabilities through Kibana to monitor KPIs and improve incident response times.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
