We performed a comparison between ArcSight Logger, IBM Security QRadar, and ManageEngine EventLog Analyzer based on real PeerSpot user reviews.
"The machine learning is a good feature."
"The technical support team is good...It is a scalable solution."
"ArcSight provides the basic information that we want."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist."
"ArcSight's robustness is its most valuable feature."
"The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"We've found the solution to be scalable."
"This solution has allowed us to correlate logs from multiple sources."
"We are using the platform version, which I like."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"It allows us to search data both on-premises and on the cloud."
"Improves visibility and has a great new dashboard."
"No doubt about it, the solution is extremely stable."
"What I found most useful in ManageEngine EventLog Analyzer is its integration with other ManageEngine applications. It seamlessly integrates throughout the ManageEngine suite, and that's beneficial. I also like that the solution has chain management capabilities, it has a modular approach, and it's easy to reach the support team."
"It's one of the easiest products. It's very simple to use."
"The most valuable features of ManageEngine EventLog Analyzer are the number of capabilities, file integration monitoring, web server log collection, and alert configuration."
"It is stable."
"The initial setup is straightforward"
"I have made use of technical support and am certainly very satisfied with them."
"The user interface is very good."
"The log management has helped to improve my organization."
"We find that the search and access functionality is quite slow."
"I would like to see better scheduling in the next release of this solution."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"The initial setup was a little bit complex."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."
"I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."
"The integration with other systems could be improved."
"The solution should enhance its capabilities of UEBA and AI/ML tech modeling."
"I would like for them to develop a detection management solution. It does not have a detecting management solution in it, you have to buy it as it is, on top of the extended solution."
"I would like to see a better GUI."
"I'm not sure about the stability just yet. We've observed a few issues and we raised a supporting ticket for it."
"It is not app based."
"QRadar's performance has room for improvement because it cannot handle the volume. I need massive amounts of logs from various devices in our existing network architecture. IBM needs to improve QRadar's capacity to handle more logs."
"We have had problems with networking."
"The solution should include remote action capabilities."
"The customization of reports could be a lot easier. It is not difficult but it could be made easier."
"It may not be as easy to use as Splunk."
"I would like to see more detailed reports."
"The solution is stable. However, there are limits. For example, we can do 2,500 Syslog events per second, but if we want to do more we have to install the distributor structure, and then we can expand how many events we can do. They could improve the stability."
"Support could improve to make the solution better."
"The scalability is limited."
"The first tier of customer service and support is not great."
"There isn't good security integration when it comes to cybersecurity. The correlation of logs isn't so simple."