• Home
  • ArcSight Logger vs. Splunk Enterprise Security

ArcSight Logger vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
ArcSight Logger vs. Splunk Enterprise Security
September 2023
Executive Summary

We performed a comparison between ArcSight Logger and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed ArcSight Logger vs. Splunk Enterprise Security Report (Updated: September 2023).
Download the complete report
734,678 professionals have used our research since 2012.
Featured Review
Use ArcSight Logger?
Anat Garty
Excellent support, great visibility, and helpful for digesting any information and correlating it
The visibility that it provides is awesome. You can connect it to whatever you want and create whatever visibility you want. Its insider threat... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The technical support team is good...It is a scalable solution.""The log digestion features from threat intelligence platforms like Recorded Future or Talos are valuable.""We check a lot of logs in ArcSight Logger because we're running a massive database platform.""I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events.""ArcSight's robustness is its most valuable feature."

More ArcSight Logger Pros →

"The indexing and data collection are valuable.""The ability to digest any information and then correlate it in accordance with what you need is valuable. The ability to connect to pretty much everything and bring the information in the same format is also valuable. On top of that, we can use their language in order to create and customize the dashboards, correlations, or analytics that we want to incorporate.""The dashboard and reporting are very good... It provides very good visibility in a hybrid cloud environment, and you can build custom utilization APIs using Splunk.""I haven't had the chance to properly sink my teeth into Enterprise Security but so far I like that they added the MITRE ATT&CK features.""I like Splunk's data aggregation and search capabilities.""The Splunk user community and forum are most valuable.""The UI of Splunk makes it easier for our analysts to move around and see what they need to see.""It is very scalable."

More Splunk Enterprise Security Pros →

Cons
"It is really difficult to work in ArcSight Logger, as it is very slow.""The initial setup was a little bit complex.""Using the ArcSight Logger dashboard is not particularly intuitive or efficient, so it is important to be trained in its use.""The product's connectors should work better and the user manuals need an update.""I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."

More ArcSight Logger Cons →

"Splunk could enhance its services by providing more comprehensive professional assistance aimed at optimizing our investment.""This solution could be improved by better pricing in general and by easier installation.""In the next releases, I would like to see more pricing flexibility.""Splunk could be improved by reducing the cost. The cost is one of the biggest challenges for us in keeping to our production requirements.""We were inundated with the amount of alerts and alarms that we could get out of it. It is also a resource hog and we didn't have the resources to support it on-prem so we're taking it offline now.""The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyzes the data for use.""It would be nice if they had a wizard to construct searches, including more complex searches that include math or statistics.""While there aren't any major areas where the solution has to be improved, there are certain integrations that are still not available. I would specifically like to see legacy applications integrated."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "ArcSight is an expensive solution."
  • "I would rate the product a seven out of ten since it's an enterprise product."

    • More ArcSight Logger Pricing and Cost Advice →

  • "The price of Splunk is reasonable."
  • "The subscription is monthly."
  • "It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
  • "It's a yearly subscription."
  • "This product could use better pricing in general."
  • "The pricing modules could be improved."
  • "This solution is costly. Splunk is obviously a great product, but you should only choose this product if you need all the features provided. Otherwise, if you don't need all the features to meet your requirements, there are probably other products that will be more cost-effective. It's cost versus the functionality requirement."
  • "It is expensive. I used to buy it early on, but then they combined it into a higher-up organization. They buy it for multiple systems now. Last time, I paid around 60K for it. There is just the licensing fee. That's all."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    734,678 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about ArcSight Logger?
    Top Answer:I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events.
    Read all 16 answers   →
    What is your experience regarding pricing and costs for ArcSight Logger?
    Top Answer:I would rate the product a seven out of ten since it's an enterprise product.
    Read all 9 answers   →
    What needs improvement with ArcSight Logger?
    Top Answer:The product's connectors should work better and the user manuals need an update.
    Read all 17 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    32nd
    out of 73 in Log Management
    Views
    2,662
    Comparisons
    2,444
    Reviews
    4
    Average Words per Review
    333
    Rating
    6.8
    1st
    out of 73 in Log Management
    Views
    34,098
    Comparisons
    27,998
    Reviews
    62
    Average Words per Review
    739
    Rating
    8.5
    Comparisons
    Also Known As
    Micro Focus Arcsight Logger, HPE Arcsight Logger
    Learn More
    OpenText
    Splunk
    Overview
    HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Offer
    Learn more about ArcSight Logger
    Learn More
    Learn more about Splunk Enterprise Security
    Learn More
    Sample Customers
    China Merchants Bank, Bank AlJazira, Banca Intesa
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Comms Service Provider23%
    Government23%
    Financial Services Firm15%
    Retailer8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm16%
    Government10%
    Comms Service Provider8%
    REVIEWERS
    Financial Services Firm16%
    Computer Software Company15%
    Government11%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government10%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business22%
    Midsize Enterprise33%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise16%
    Large Enterprise65%
    REVIEWERS
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    ArcSight Logger vs. Splunk Enterprise Security
    September 2023
    Free Report: ArcSight Logger vs. Splunk Enterprise Security
    Find out what your peers are saying about ArcSight Logger vs. Splunk Enterprise Security and other solutions. Updated: September 2023.
    DOWNLOAD NOW
    734,678 professionals have used our research since 2012.

    ArcSight Logger is ranked 32nd in Log Management with 5 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 71 reviews. ArcSight Logger is rated 6.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of ArcSight Logger writes "Extremely stable and scalable and can manage large amounts of log data". On the other hand, the top reviewer of Splunk Enterprise Security writes "Can be used to find any threats or vulnerabilities inside a user’s environment". ArcSight Logger is most compared with IBM Security QRadar, Elastic Security, VMware Aria Operations for Logs, LogRhythm SIEM and Wazuh, whereas Splunk Enterprise Security is most compared with Wazuh, Microsoft Sentinel, Dynatrace, Elastic Security and Fortinet FortiAnalyzer. See our ArcSight Logger vs. Splunk Enterprise Security report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.