We performed a comparison between ArcSight Logger and Elastic Stack based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"ArcSight's robustness is its most valuable feature."
"It's a robust, mature product and you can do some really complex operations and analytics."
"The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"It is one of the best products available in the market."
"The technical support team is good...It is a scalable solution."
"I think the ecosystem is well supported, and for logs, it was faster compared to our previous previous log management."
"The tool is huge, and it performs brilliantly. I tested it for malware, and within two weeks of launching, the product alerted me about a network intrusion. This was a tough test for it, but it performed admirably. The alerting system is excellent, and searching through logs is incredibly efficient. What's impressive is that all three products or options are integrated into one solution. This means I don't need separate logging, monitoring, or antivirus solutions."
"Prior to the latest updates, data lake management was a standout feature. The hybrid capability for on-premise and cloud integration was also crucial. Now, with Elastic Defense, the agent simplifies security monitoring, making it a key asset."
"Elastic Stack is mainly used to monitor servers and APIs. It helps ensure the software's availability and sends notifications at the right time so the system is not down for a long time. The tool's stability and advanced features, such as anomaly detection, are the most valuable features. The benefit of using it is real-time monitoring."
"The biggest strength of Elastic Stack is its brilliant archiving capabilities."
"It is a very scalable solution...I didn't face any problem with this scalability part of the solution since we only have a few pieces of equipment in our company."
"I have experienced a return on investment from the use of the solution."
"The tool's most powerful aspect is its search engine capability. It's a highly effective and powerful solution for searching. We use it in professional and student projects at universities, and it delivers promising results."
"The initial setup was a little bit complex."
"I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."
"The solution must provide readymade connectors for different applications."
"ArcSight has been sold two or three times, and the quality has decreased."
"We find that the search and access functionality is quite slow."
"The platform is quite expensive. They should reduce its cost."
"The product's connectors should work better and the user manuals need an update."
"The console in older versions is not user-friendly."
"Elastic Stack should work on their dashboards and integration process."
"Improvements are needed in the solution in areas like SOAR and TIP, where there are certain shortcomings."
"The main issue related to Elastic Stack is in the area of its licensing."
"The implementation of dashboards in the solution needs to be made easier...I had some issues with the ports and configuration since it was kind of complex to implement with Docker."
"Elastic Stack's search capabilities can be challenging, especially when searching for precise data from past years, such as two or ten years ago. Its indexing performance for exact data retrieval may decrease as the data volume grows. Therefore, I believe there is room for improvement in the product's search functionality. It needs to improve its pricing as well."
"The solution is expensive, particularly the training and certification. If customers want to increase their use of Elastic Stack, they should consider reducing the cost of certification and training."
"Agent deployment is a little tough in the on-premise version."
"It lacks a clear NDR (Network Detection and Response) feature. If Elastic could enhance this aspect, it would significantly boost its capabilities."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while Elastic Stack is ranked 16th in Log Management with 11 reviews. ArcSight Logger is rated 7.8, while Elastic Stack is rated 8.4. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of Elastic Stack writes "A stable product that can be fine-tuned easily". ArcSight Logger is most compared with Splunk Enterprise Security, IBM Security QRadar, Elastic Security, Wazuh and LogRhythm SIEM, whereas Elastic Stack is most compared with Security Onion, Wazuh, Falcon LogScale, Grafana Loki and syslog-ng.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.