No more typing reviews! Try our Samantha, our new voice AI agent.

ArcSight Logger vs Microsoft Purview Audit comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
32nd
Average Rating
7.6
Reviews Sentiment
5.8
Number of Reviews
32
Ranking in other categories
No ranking in other categories
Microsoft Purview Audit
Ranking in Log Management
35th
Average Rating
8.2
Reviews Sentiment
5.1
Number of Reviews
4
Ranking in other categories
Microsoft Security Suite (31st)
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of ArcSight Logger is 0.9%, up from 0.7% compared to the previous year. The mindshare of Microsoft Purview Audit is 1.1%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
ArcSight Logger0.9%
Microsoft Purview Audit1.1%
Other98.0%
Log Management
 

Featured Reviews

MA
Sr. Cybersecurity Consultant IT/OT at EJADA
Compliance and cost-effectiveness have improved while critical infrastructure security adapts to evolving needs
ArcSight Logger fulfills compliance requirements and passes audit requirements. It is one of the Aramco standards requirements and is recommended by Aramco for any implementation. Aramco, SABIC, water companies, and electricity companies are critical infrastructure with air-gapped networks. In an air-gapped network, there is no communication going out from that network area to the outside world, even to the corporate network. ArcSight Logger is installed on minimal resources with minimal requirements. There are not many upgrades or new features that come up frequently, though they do occur occasionally.
OK
Cloud Solution Engineer at a computer software company with 51-200 employees
Integrated auditing has strengthened data retention and improved incident investigations
I have seen areas for improvement, specifically in Microsoft Purview Audit or in general about Microsoft. I have had a situation with documentation. I had a customer who wanted to create alerts and they had Microsoft 365 Business Premium. In the documentation, it was noted that this license is enough for creating alerts. When we tried to make them, we noticed they cannot do it with Microsoft 365 E3 because the customer had limited features to manage alerts. The customer had to buy E3. We created Microsoft support requests, and they confirmed that the documentation displayed not the real situation and they have been going to update documentation. The same situation occurred now with implementing Microsoft Purview Audit in the last autumn. eDiscovery was combined with search and content search, and the documentation was not clear at the beginning. It was a little difficult to describe to customers that now it is a part of eDiscovery. Content search is a very simple functionality, while eDiscovery is a little difficult. I am not entirely sure why Microsoft is going in the way of combining these services because they are the same. However, for a customer who has never seen these services, it is difficult to understand quickly. The same situation occurs with litigation holds and some other holds. For any mail, I am trying to keep data. For example, emails are held for a year or two years, ten years, it does not matter. It is difficult to understand where to find this data and where these emails are being held. I need to use eDiscovery to find out all deleted data that was kept somewhere in some hidden folders of the mailbox. Regular customers and regular administrators know that on-premises Exchange, for example, allows them to find the data in some repository and review the list of kept data. However, with this hold, we do not have any functionality to review the list of kept data. It is difficult to understand for customers how to work with this. I had a case where I spent three or four hours working deeply with a customer to explain how to work with eDiscovery, why Content Search is not there when it was before, what is an eDiscovery case, and why we are talking about all of this just to review a list of kept emails. This is difficult.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Our return on investment for implementing ArcSight Logger over the past 12 months has been positive."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand."
"The machine learning is a good feature."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"We check a lot of logs in ArcSight Logger because we're running a massive database platform."
"The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console."
"It benefits the organization by identifying the threats ranging from the most basic ones to many advanced ones."
"The technical support team is good...It is a scalable solution."
"The main Microsoft feature is that it offers common integration of services, of data, of identity, meaning user accounts, user access, and privileged access."
"The overall user experience with Microsoft Purview Audit is of higher quality than when it was branded as Compliance Center, and Microsoft consistently updates and evolves functionalities and the overall experience."
"The platform has significantly enhanced our operational insight into the overall Microsoft 365 environment."
"We're easily saving at least one hour per day using this solution."
 

Cons

"The graphics and dashboard could be improved."
"The solution should make it possible to integrate network analysis features."
"The platform is quite expensive. They should reduce its cost."
"The only drawback is that without ESM, you are limited."
"The solution could be improved in maintenance settings."
"They are migrating to Splunk because ArcSight Logger doesn't have those features for user or customer behavior analysis."
"ArcSight Logger is an outdated product. It hasn't been changed in the last ten years."
"ArcSight has been sold two or three times, and the quality has decreased."
"Areas for product improvement include enhancing customization options and integrating more comprehensive compliance features."
"I had a case where I spent three or four hours working deeply with a customer to explain how to work with eDiscovery, why Content Search is not there when it was before, what is an eDiscovery case, and why we are talking about all of this just to review a list of kept emails."
"We are still in the early stages of leveraging Microsoft Purview Audit. Currently, it's primarily used for the audit function."
"We do have a Denial of Access happening."
 

Pricing and Cost Advice

"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"We have a lifetime license, so we don't pay a monthly fee."
"ArcSight is an expensive solution."
"The pricing is quite harsh."
"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"I would rate the product a seven out of ten since it's an enterprise product."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
Information not available
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
11%
Financial Services Firm
9%
Manufacturing Company
9%
Comms Service Provider
7%
Financial Services Firm
13%
Computer Software Company
11%
Construction Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise9
Large Enterprise17
No data available
 

Questions from the Community

What needs improvement with ArcSight Logger?
This decision is made by higher management as they don't want to have multiple solutions for one solution. ArcSight Logger themselves don't provide good support, but companies such as ours provide ...
What is your primary use case for ArcSight Logger?
We do work for multiple SIEM solutions such as Splunk, QRadar, LogRhythm. My team and I mostly work on ArcSight Logger and Splunk because we are dealing with projects related to these solutions. We...
What advice do you have for others considering ArcSight Logger?
As a department head, my staff uses my credentials and contacts everywhere. Only ArcSight Logger with Splunk was implemented in Aramco, not in other organizations. I rate ArcSight Logger 8 out of 10.
What is your experience regarding pricing and costs for Microsoft Purview Audit?
It is not so expensive in comparison with other products, but I can tell you about an example.
What needs improvement with Microsoft Purview Audit?
I have seen areas for improvement, specifically in Microsoft Purview Audit or in general about Microsoft. I have had a situation with documentation. I had a customer who wanted to create alerts and...
What is your primary use case for Microsoft Purview Audit?
I work with Defender for IoT by chance because I see that we have enough reviews for Defender for Office 365 today, and we need reviews for some Azure products. I work with Azure products such as L...
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
No data available
 

Overview

 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Information Not Available
Find out what your peers are saying about ArcSight Logger vs. Microsoft Purview Audit and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.