No more typing reviews! Try our Samantha, our new voice AI agent.

ArcSight Logger vs Security Onion comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
32nd
Average Rating
7.6
Reviews Sentiment
5.8
Number of Reviews
32
Ranking in other categories
No ranking in other categories
Security Onion
Ranking in Log Management
25th
Average Rating
7.2
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of ArcSight Logger is 0.9%, up from 0.7% compared to the previous year. The mindshare of Security Onion is 1.9%, down from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
Security Onion1.9%
ArcSight Logger0.9%
Other97.2%
Log Management
 

Featured Reviews

MA
Sr. Cybersecurity Consultant IT/OT at EJADA
Compliance and cost-effectiveness have improved while critical infrastructure security adapts to evolving needs
ArcSight Logger fulfills compliance requirements and passes audit requirements. It is one of the Aramco standards requirements and is recommended by Aramco for any implementation. Aramco, SABIC, water companies, and electricity companies are critical infrastructure with air-gapped networks. In an air-gapped network, there is no communication going out from that network area to the outside world, even to the corporate network. ArcSight Logger is installed on minimal resources with minimal requirements. There are not many upgrades or new features that come up frequently, though they do occur occasionally.
HJ
Manager at teshama
Centralized threat monitoring has improved visibility but demands complex setup and configuration
The best features Security Onion offers include acting as the intrusion detection system in my organization and helping me to address traffic, logs, and events happening within the organization. Since Security Onion is an open-source system that integrates with tools like Suricata and Zeek with the ELK stack, it enables threat detection and response capabilities, delivering high-level security measures at a cost, making it suitable for businesses of varying skill levels. These integrations with Suricata and Zeek have greatly impacted our workflow and our team's effectiveness by helping us address issues such as identifying intrusions, evaluating threats, and overseeing log files. This tool is very cost-effective, making it suitable for any size of organization wanting to use it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution provides information about the risk factors."
"I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events."
"This product was used to help us get PCI compliant, and its automated functions made it easier so we could concentrate more on real issues instead of standard log collecting and alerting issues."
"Our return on investment for implementing ArcSight Logger over the past 12 months has been positive."
"The solution is scalable, and we have approximately 6,000 machines sending logs."
"Data correlation, which unfortunately only comes with an ESM module, is the most valuable feature for us."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"The solution offers very good performance and is efficient."
"Security Onion is the most mature solution in the market."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Security Onion has positively impacted my organization by greatly improving our security posture, making alert triage easier to handle, simplifying the analysis of threats, and decreasing the cost of threat analysis and detection."
"We use Security Onion for internal vulnerability assessment."
 

Cons

"The solution must provide readymade connectors for different applications."
"The original Connector Appliance peaked its events-per-second limit much sooner than anticipated and required us to purchase another, and significantly larger, appliance."
"Using the ArcSight Logger dashboard is not particularly intuitive or efficient, so it is important to be trained in its use."
"The solution could be improved in maintenance settings."
"Scaling this product is painful."
"The product's connectors should work better and the user manuals need an update."
"The only drawback is that without ESM, you are limited."
"I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this."
"Security Onion's user interface could be improved."
"The initial setup of the solution is a little bit difficult."
"The product is not easy to learn."
"For Security Onion, setting up and configuring the system can be quite challenging for newcomers due to the need for a grasp of networking and security concepts."
 

Pricing and Cost Advice

"The pricing is quite harsh."
"ArcSight is an expensive solution."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"I would rate the product a seven out of ten since it's an enterprise product."
"We have a lifetime license, so we don't pay a monthly fee."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"It is an open-source solution."
"Security Onion is a free solution."
"Security Onion is an open-source solution."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
11%
Financial Services Firm
9%
Manufacturing Company
9%
Comms Service Provider
7%
University
12%
Comms Service Provider
11%
Government
10%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise9
Large Enterprise17
No data available
 

Questions from the Community

What needs improvement with ArcSight Logger?
This decision is made by higher management as they don't want to have multiple solutions for one solution. ArcSight Logger themselves don't provide good support, but companies such as ours provide ...
What is your primary use case for ArcSight Logger?
We do work for multiple SIEM solutions such as Splunk, QRadar, LogRhythm. My team and I mostly work on ArcSight Logger and Splunk because we are dealing with projects related to these solutions. We...
What advice do you have for others considering ArcSight Logger?
As a department head, my staff uses my credentials and contacts everywhere. Only ArcSight Logger with Splunk was implemented in Aramco, not in other organizations. I rate ArcSight Logger 8 out of 10.
Ask a question
Earn 20 points
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
No data available
 

Overview

 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Information Not Available
Find out what your peers are saying about ArcSight Logger vs. Security Onion and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.