We performed a comparison between ArcSight Logger, IBM Security QRadar, and Sumo Logic Security based on real PeerSpot user reviews.
"Some of the most valuable features I really appreciate are the performance, how quick the solution is, and how easy it is to create a query."
"ArcSight provides the basic information that we want."
"We haven't had any crashes or bugs. It is stable."
"It's an efficient solution."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"The solution provides information about the risk factors."
"It's a robust, mature product and you can do some really complex operations and analytics."
"The tool's most valuable feature is log source management. It enables us to connect to various log sources, including content, authentications, or other customized integrations. These integrations can be tailored for use with other platforms that don’t already have built-in IBM add-ons."
"The most valuable features would have to be the products' ability to customize vulnerability management settings."
"IBM QRadar's ability to simplify the number of events, not only on a technical level but by making that information easy to pan through the orchestration deduplication. It is very impressive given that we have hundreds of devices that send event logs through."
"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"It saves a lot of time. We integrate the customer's firewall with all their networking devices."
"Customer service is very good and very helpful."
"There are more than 120 extensions in QRadar, which are easy to install and configure. These can improve your analysis of events."
"The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"It helps a lot because we can troubleshoot issues pretty easily."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and the GUI is good."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"It is really difficult to work in ArcSight Logger, as it is very slow."
"The solution should make it possible to integrate network analysis features."
"It would be better if the product is cheaper."
"Using the ArcSight Logger dashboard is not particularly intuitive or efficient, so it is important to be trained in its use."
"The product's connectors should work better and the user manuals need an update."
"I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more competency or appeal to use. We hope Micro Focus is trying to resolve this."
"The integration with other systems could be improved."
"The solution could be improved in maintenance settings."
"The only challenge with products like IBM is the EPS. You just have to be really on the events per second, as that's where the cost factor becomes a huge issue."
"QRadar needs a lot of fine tuning."
"The initial setup was complex, and it took six months."
"IBM QRadar User Behavior Analytics could improve machine learning use cases because they are limited and most of the use cases are rule-based. They should develop more use cases, such as in Securonix or Exabeam because they will detect a threat. Using machine learning is mainly on the correlation rules, but if you think about Exabeam or Securonix, they detect using machine learning or machine learning-based algorithms."
"The dashboard and reports are not user-friendly or efficient so are of little help with threat hunting activity."
"IBM is going through some problems with its resources currently making its support response time slow."
"The interface is very old. IBM should remake it into a more modern interface."
"Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that."
"The solution should improve its UI."
"Sumo Logic needs to make sure integrating solutions are seamless."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"Sumo Logic Security is expensive, and its pricing could be improved."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The initial setup is the most stressful, like learning how to use it."