Try our new research platform with insights from 80,000+ expert users

ArcSight Logger vs Security Onion comparison

OpenText and Security Onion Solutions, LLC are both solutions in the Log Management category. OpenText is ranked #31 with an average rating of 6.7, while Security Onion Solutions, LLC is ranked #18 with an average rating of 7.7. OpenText holds a 0.8% mindshare in Log Management, compared to Security Onion Solutions, LLC’s 5.5% mindshare. Additionally, 80% of OpenText users are willing to recommend the solution, compared to 66% of Security Onion Solutions, LLC users who would recommend it.
ArcSight Logger
Read 31 ArcSight Logger reviews
  • 1,469 Views
  • 1,332 Comparison Views
80% willing to recommend
Security Onion
Read 3 Security Onion reviews
  • 6,709 Views
  • 5,768 Comparison Views
66% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

ArcSight Logger and Security Onion are well-regarded tools in the field of cybersecurity. ArcSight Logger leads with pricing and customer support, while Security Onion stands out for its feature-rich offerings.

Features: ArcSight Logger is known for its strong log management capabilities, detailed reporting, and reliable performance. Security Onion, favored for its versatile analytics, open-source nature, and flexible adaptability, offers unique advantages that appeal to many users seeking comprehensive security solutions.

Room for Improvement: ArcSight Logger could improve in integration flexibility, scalability, and user interface intuitiveness. Security Onion might enhance its update processes, expand usability documentation, and further develop customer support resources to meet growing user needs. Request for better integration is notably higher among ArcSight Logger users.

Ease of Deployment and Customer Service: ArcSight Logger receives mixed assessments for deployment complexity but benefits from a robust customer service framework. In comparison, Security Onion is commended for its straightforward deployment process, though its customer service has opportunities for enhancement.

Pricing and ROI: ArcSight Logger is associated with higher setup costs yet provides significant returns for specific scenarios. Security Onion offers a more cost-effective solution, attractive to those preferring open-source, with both systems delivering favorable ROI as reported by users.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Logger vs. Security Onion Report (Updated: April 2025).
Buyer's Guide
ArcSight Logger vs. Security Onion
April 2025
Download the complete report
Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
31st
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Security Onion
Ranking in Log Management
18th
Average Rating
7.6
Reviews Sentiment
5.5
Number of Reviews
3
Ranking in other categories
AWS Marketplace (5th)
 

Mindshare comparison

As of May 2025, in the Log Management category, the mindshare of ArcSight Logger is 0.8%, down from 1.1% compared to the previous year. The mindshare of Security Onion is 5.5%, up from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Geraldo Freitas - PeerSpot reviewer
Enhances our security incident investigation but not good for correlation
Investigation is good when you know what you want to search for in Logger. The most difficult part is parsing the logs and configuring the parsers. For investigation, it's good. For correlation, it's not good. We use Sentinel, and Sentinel has pre-built use cases that are much easier to configure. So, it enhances our security incident investigation. We have inbound integration, but configuring the parsers is sometimes very difficult. We only have two use cases where we have a correlation set up. We send the information to Check Point to block IP addresses when we see a lot of blocks from the same source. We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist. So, it offers the ease of integration.
Read full review
Jörg Kippe - PeerSpot reviewer
A mature and affordable solution that is easy to install and easy to update
The product takes time to learn, it's not that easy. In the beginning we had a lot of questions. If you want to use such a tool in an real (industrial) environment, you have to ask how to get the network data. Can we do a full packet capture? Can we provide agents to our end systems? There are no simple solutions to these questions. It's a general problem when running such systems in an industrial environment.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console."
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"ArcSight provides the basic information that we want."
"It's an efficient solution."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events."
"It provides in-depth information on business activities once we log into the system."
More ArcSight Logger pros
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Security Onion is the most mature solution in the market."
"We use Security Onion for internal vulnerability assessment."
 

Cons

"We find that the search and access functionality is quite slow."
"It would be better if the product is cheaper."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"The integration with other systems could be improved."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"The next release should have AI capabilities."
"The solution could be improved in maintenance settings."
"It is really difficult to work in ArcSight Logger, as it is very slow."
More ArcSight Logger cons
"Security Onion's user interface could be improved."
"The product is not easy to learn."
"The initial setup of the solution is a little bit difficult."
 

Pricing and Cost Advice

"We have a lifetime license, so we don't pay a monthly fee."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"ArcSight is an expensive solution."
"The pricing is quite harsh."
"I would rate the product a seven out of ten since it's an enterprise product."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"It is an open-source solution."
"Security Onion is an open-source solution."
"Security Onion is a free solution."
report
See which vendors are best for you
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
See recommendations
850,028 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
17%
Government
8%
Educational Organization
6%
University
12%
Computer Software Company
11%
Government
11%
Comms Service Provider
11%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
See all answers
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
See all answers
What needs improvement with ArcSight Logger?
The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...
See all answers
What do you like most about Security Onion?
The most valuable feature of Security Onion for security monitoring is its ability to find infected ports.
See all answers
What is your experience regarding pricing and costs for Security Onion?
Security Onion is an open-source solution. On a scale from one to ten, where ten is expensive and one is cheap, I rate the solution's pricing a six out of ten.
See all answers
What needs improvement with Security Onion?
The initial setup of the solution is a little bit difficult.
See all answers
 

Comparisons

Splunk Enterprise Security vs ArcSight Logger Logo
Splunk Enterprise Security vs ArcSight Logger
Compared 37% of the time
IBM Security QRadar vs ArcSight Logger Logo
IBM Security QRadar vs ArcSight Logger
Compared 35% of the time
Elastic Security vs ArcSight Logger Logo
Elastic Security vs ArcSight Logger
Compared 8% of the time
Wazuh vs ArcSight Logger Logo
Wazuh vs ArcSight Logger
Compared 8% of the time
Grafana Loki vs ArcSight Logger Logo
Grafana Loki vs ArcSight Logger
Compared 5% of the time
More ArcSight Logger Competitors
Wazuh vs Security Onion Logo
Wazuh vs Security Onion
Compared 60% of the time
Elastic Stack vs Security Onion Logo
Elastic Stack vs Security Onion
Compared 11% of the time
Splunk Enterprise Security vs Security Onion Logo
Splunk Enterprise Security vs Security Onion
Compared 9% of the time
Graylog vs Security Onion Logo
Graylog vs Security Onion
Compared 6% of the time
Kali Linux vs Security Onion Logo
Kali Linux vs Security Onion
Compared 4% of the time
More Security Onion Competitors
 

Product Reports

Buyer's Guide
ArcSight Logger
May 2025
ArcSight Logger reportDownload ArcSight Logger product report
Buyer's Guide
Log Management
April 2025
Security Onion reportDownload Security Onion product report
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
No data available
 

Overview

HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.
OpenText

Security Onion is an open-source Linux distribution for intrusion detection, network security monitoring, and log management. It offers comprehensive solutions for enterprises seeking to enhance their cybersecurity infrastructure.

Security Onion provides a full suite of tools to detect and respond to cybersecurity threats efficiently. As a robust and versatile distribution, it includes capabilities for real-time analysis, network visibility, and threat detection, making it indispensable for security operations centers. Users value this tool for its integration of open-source software with advanced analytics, affording professionals a detailed overview of network traffic and potential intrusions.

What are Security Onion’s most important features?
  • Intrusion Detection: Utilizes Suricata or Zeek for effective threat monitoring.
  • Network Security Monitoring: Offers powerful visualization tools for network analysis.
  • Log Management: Centralizes log collection and analysis.
  • Comprehensive Dashboards: Provides integrated dashboards for threat visibility.
What benefits or ROI should you look for in reviews?
  • Cost Efficiency: Reduced cybersecurity costs due to its open-source nature.
  • Improved Threat Detection: Enhanced ability to identify and respond to threats quickly.
  • Integration Capability: Seamless integration with existing security infrastructures.
  • Scalability: Support for scaling network security operations as needed.

Security Onion finds extensive application in industries such as finance, healthcare, and government sectors, where robust network monitoring is critical. Its ability to integrate with existing security tools makes it a preferred choice for organizations looking to strengthen their cybersecurity posture.

Security Onion Solutions, LLC
 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Information Not Available
Buyer's Guide
ArcSight Logger vs. Security Onion
April 2025
Free Report: ArcSight Logger vs. Security Onion
Find out what your peers are saying about ArcSight Logger vs. Security Onion and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,028 professionals have used our research since 2012.
See our ArcSight Logger vs. Security Onion report.
See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.