Try our new research platform with insights from 80,000+ expert users

ArcSight Logger vs Elastic Observability comparison

OpenText and Elastic are both solutions in the Log Management category. OpenText is ranked #30 with an average rating of 6.7, while Elastic is ranked #14 with an average rating of 8.1. OpenText holds a 0.8% mindshare in Log Management, compared to Elastic’s 1.4% mindshare. Additionally, 80% of OpenText users are willing to recommend the solution, compared to 88% of Elastic users who would recommend it.
ArcSight Logger
Read 31 ArcSight Logger reviews
  • 1,433 Views
  • 1,292 Comparison Views
80% willing to recommend
Elastic Observability
Read 26 Elastic Observability reviews
  • 2,840 Views
  • 2,461 Comparison Views
88% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

ArcSight Logger and Elastic Observability are two prominent solutions in the data monitoring and analysis category. Elastic Observability is often seen as superior due to its feature-rich offerings and flexibility, despite ArcSight Logger's notable security strengths.

Features: ArcSight Logger is known for strong security, compliance features, and seamless integration within large enterprises. Elastic Observability stands out with scalability, advanced search capabilities, and real-time analytics, offering agility across various situations. ArcSight focuses on security, whereas Elastic emphasizes flexibility and analytical depth.

Room for Improvement: ArcSight Logger could enhance integration with modern data sources and increase flexibility. Elastic Observability users mention the need for improved performance in large data environments and more user customization options. ArcSight's adaptation to new technologies and Elastic’s data performance optimization are key focus areas.

Ease of Deployment and Customer Service: ArcSight Logger has a structured deployment model, which some find complex but is backed by reliable customer service. Elastic Observability offers straightforward deployment with effective support, emphasizing ease over structure.

Pricing and ROI: ArcSight Logger has higher setup costs, with users reporting strong long-term ROI aligned with security benefits. Elastic Observability provides competitive pricing, offering robust ROI via data processing efficiency. ArcSight’s security benefits justify its costs, while Elastic offers cost-effective data management.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Logger vs. Elastic Observability Report (Updated: April 2025).
Buyer's Guide
ArcSight Logger vs. Elastic Observability
April 2025
Download the complete report
Helped 851,451 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
30th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Elastic Observability
Ranking in Log Management
14th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
26
Ranking in other categories
Application Performance Monitoring (APM) and Observability (7th), IT Infrastructure Monitoring (7th), Container Monitoring (4th), Cloud Monitoring Software (7th)
 

Mindshare comparison

As of May 2025, in the Log Management category, the mindshare of ArcSight Logger is 0.8%, down from 1.1% compared to the previous year. The mindshare of Elastic Observability is 1.4%, down from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Geraldo Freitas - PeerSpot reviewer
Enhances our security incident investigation but not good for correlation
Investigation is good when you know what you want to search for in Logger. The most difficult part is parsing the logs and configuring the parsers. For investigation, it's good. For correlation, it's not good. We use Sentinel, and Sentinel has pre-built use cases that are much easier to configure. So, it enhances our security incident investigation. We have inbound integration, but configuring the parsers is sometimes very difficult. We only have two use cases where we have a correlation set up. We send the information to Check Point to block IP addresses when we see a lot of blocks from the same source. We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist. So, it offers the ease of integration.
Read full review
Adelina Craciun - PeerSpot reviewer
Customization enables tailored monitoring and alerting across departments
The possibility to customize it has been quite useful. Whatever the other departments want to dream up, we implement. Whatever they want to monitor, the granularity of it, the changes in the threshold, and the anomalies that they want reported all require some development. So far, every single request has been fulfilled.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"It's a robust, mature product and you can do some really complex operations and analytics."
"The log digestion features from threat intelligence platforms like Recorded Future or Talos are valuable."
"It is one of the best products available in the market."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"The most valuable feature is the search capability, which is simple to use."
More ArcSight Logger pros
"Its diverse set of features available on the cloud is of significant importance."
"The solution has been stable in our usage."
"We use AppDynamics and Elastic. The reason why we're using Elastic APM is because of the license count. It's very favorable compared to AppDynamics. It's inexpensive; it's economical."
"It is a powerful tool that allows users to collect and transform logs as needed, enabling flexible visualization and analysis."
"Elastic APM has plenty of features, such as the Elastic server for Kibana and many additional plugins. It's a comprehensive tool when used as a logging platform."
"The product has connectors to many services."
"I recommend Elastic Observability for its completeness of vision and wide ecosystem."
"It is very stable, and I would rate it ten out of ten based on my interaction with it."
More Elastic Observability pros
 

Cons

"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."
"The solution must provide readymade connectors for different applications."
"The solution should make it possible to integrate network analysis features."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"We have had problems with archiving."
"ArcSight has been sold two or three times, and the quality has decreased."
"The platform is quite expensive. They should reduce its cost."
"I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this."
More ArcSight Logger cons
"The solution needs to use more AI. Once the product onboards AI, users would more effectively be able to track endpoints for specific messages."
"One example is the inability to monitor very old databases with the newest version."
"Elastic Observability is reactive rather than proactive. It should act as an ITSM tool and be able to create tickets and alerts on Jira."
"Elastic Observability’s price could be improved."
"Elastic Observability needs to improve the retrieval of logs and metrics from all the instances."
"Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low."
"In the future, Elastic APM needs a portfolio iTool. They can provide an easy way to develop the custom UI for Kibana."
"It lacked some capabilities when handling on-prem devices, like network observability, package flow analysis, and device performance data on the infrastructure side."
More Elastic Observability cons
 

Pricing and Cost Advice

"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"I would rate the product a seven out of ten since it's an enterprise product."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"The pricing is quite harsh."
"ArcSight is an expensive solution."
"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"We have a lifetime license, so we don't pay a monthly fee."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"Users have to pay for some features, like the alerts on different channels, because they are unavailable in different source versions."
"We have been using the open-source version."
"The product is not that cheap."
"The price of Elastic Observability is expensive."
"Pricing is one of those situations where the more you use it, the more you pay."
"Since we are a huge company, Elastic Observability is an affordable solution for us."
"The product’s pricing needs improvement."
"There are two types: cloud and SaaS. They charge based on data ingestion, ingest rate, hard retention, and warm retention. I believe it costs around $25,000 annually to ingest 30GB of data daily. That is the SaaS version. There is also a self-managed license where the customer manages their own infrastructure on-prem. In such cases, there are three license tiers that respectively cost $5,000 annually per node, $7,000 per node, and $12,500 per node."
More Elastic Observability pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
See recommendations
851,451 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
17%
Government
9%
Educational Organization
6%
Financial Services Firm
19%
Computer Software Company
15%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
See all answers
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
See all answers
What needs improvement with ArcSight Logger?
The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...
See all answers
What do you like most about Elastic Observability?
Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning...
See all answers
What is your experience regarding pricing and costs for Elastic Observability?
Elastic Observability is cost-efficient and provides all features in the enterprise license without asset-based licensing. However, sizing and licensing information could be clearer.
See all answers
What needs improvement with Elastic Observability?
Of course, maintenance is necessary, as with any software, requiring updates with the latest features and security enhancements. It lacked some capabilities when handling on-prem devices, like netw...
See all answers
 

Comparisons

Splunk Enterprise Security vs ArcSight Logger Logo
Splunk Enterprise Security vs ArcSight Logger
Compared 37% of the time
IBM Security QRadar vs ArcSight Logger Logo
IBM Security QRadar vs ArcSight Logger
Compared 34% of the time
Elastic Security vs ArcSight Logger Logo
Elastic Security vs ArcSight Logger
Compared 10% of the time
Wazuh vs ArcSight Logger Logo
Wazuh vs ArcSight Logger
Compared 8% of the time
Grafana Loki vs ArcSight Logger Logo
Grafana Loki vs ArcSight Logger
Compared 5% of the time
More ArcSight Logger Competitors
New Relic vs Elastic Observability Logo
New Relic vs Elastic Observability
Compared 14% of the time
Sentry vs Elastic Observability Logo
Sentry vs Elastic Observability
Compared 13% of the time
Dynatrace vs Elastic Observability Logo
Dynatrace vs Elastic Observability
Compared 12% of the time
Grafana vs Elastic Observability Logo
Grafana vs Elastic Observability
Compared 9% of the time
Zabbix vs Elastic Observability Logo
Zabbix vs Elastic Observability
Compared 8% of the time
More Elastic Observability Competitors
 

Product Reports

Buyer's Guide
ArcSight Logger
May 2025
ArcSight Logger reportDownload ArcSight Logger product report
Buyer's Guide
Elastic Observability
May 2025
Elastic Observability reportDownload Elastic Observability product report
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
No data available
 

Overview

HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.
OpenText

Elastic Observability is primarily used for monitoring login events, application performance, and infrastructure, supporting significant data volumes through features like log aggregation, centralized logging, and system metric analysis.

Elastic Observability employs Elastic APM for performance and latency analysis, significantly aiding business KPIs and technical stability. It is popular among users for system and server monitoring, capacity planning, cyber security, and managing data pipelines. With the integration of Kibana, it offers robust visualization, reporting, and incident response capabilities through rapid log searches while supporting machine learning and hybrid cloud environments.

What are Elastic Observability's key features?
  • Economic licensing: Offers cost-effective plans.
  • Extensive metrics tracking: Helps in comprehensive system monitoring.
  • Comprehensive logging: Centralizes log data efficiently.
  • Performance Monitoring: Provides robust APM capabilities.
  • Integration: Seamlessly integrates with other solutions.
  • Kibana visualization: Facilitates data visualization and reporting.
  • Machine learning support: Enables advanced data analysis.
  • Flexible deployment: Supports various deployment environments.
  • Rapid log searches: Enhances quick incident response.
  • Accessibility: Offers extensive online documentation and connector support.
What benefits or ROI should users look for in Elastic Observability reviews?
  • Stability: Look for consistent performance and reliability.
  • Compliance: Effective monitoring aids in regulation adherence.
  • System Security: Enhanced system monitoring and alert management.
  • Cost-Effectiveness: Evaluate the economic pricing models.
  • Scalability: Adequate scalability options for growing needs.

Companies in technology, finance, healthcare, and other industries implement Elastic Observability for tailored monitoring solutions. They find its integration with existing systems useful for maintaining operation efficiency and security, particularly valuing the visualization capabilities through Kibana to monitor KPIs and improve incident response times.

Elastic
 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
PSCU, Entel, VITAS, Mimecast, Barrett Steel, Butterfield Bank
Buyer's Guide
ArcSight Logger vs. Elastic Observability
April 2025
Free Report: ArcSight Logger vs. Elastic Observability
Find out what your peers are saying about ArcSight Logger vs. Elastic Observability and other solutions. Updated: April 2025.
DOWNLOAD NOW
851,451 professionals have used our research since 2012.
See our ArcSight Logger vs. Elastic Observability report.
See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.