We performed a comparison between ArcSight Logger and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."ArcSight provides the basic information that we want."
"The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console."
"We haven't had any crashes or bugs. It is stable."
"The technical support team is good...It is a scalable solution."
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"The machine learning is a good feature."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"The product's initial setup phase was not at all difficult."
"The most valuable feature is the security that it provides."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"Offers a good wireless feature."
"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."
"The solution must provide readymade connectors for different applications."
"ArcSight has been sold two or three times, and the quality has decreased."
"It is really difficult to work in ArcSight Logger, as it is very slow."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"We have had problems with archiving."
"In the next release, I want to see more intelligence."
"The tool's integration capability isn't so great."
"More customizability is required, which is something that they need to improve on."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"It is not so easy to customize this product."
"Technical support could be improved."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
ArcSight Logger is ranked 28th in Log Management with 31 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. ArcSight Logger is rated 7.8, while NetWitness Platform is rated 7.4. The top reviewer of ArcSight Logger writes "A scalable and stable solution that enables users to see all the event logs in one place". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". ArcSight Logger is most compared with Splunk Enterprise Security, IBM Security QRadar, Elastic Security, Wazuh and LogRhythm SIEM, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our ArcSight Logger vs. NetWitness Platform report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.