We performed a comparison between ArcSight Logger, Splunk Enterprise Security, and USM Anywhere based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Wazuh, Datadog and others in Log Management."The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"The machine learning is a good feature."
"ArcSight's robustness is its most valuable feature."
"The most valuable feature is the search capability, which is simple to use."
"It is one of the best products available in the market."
"Our return on investment for implementing ArcSight Logger over the past 12 months has been positive."
"The solution provides information about the risk factors."
"The technical support team is good...It is a scalable solution."
"Splunk is stable, and this is why many customers want it."
"It can log more logs than other solutions. It's a good way to troubleshoot problems."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"Splunk Enterprise Security's dashboards are a key asset."
"My favorite example of improving of organization is saving a $60k/mo in payroll fraud and $10k/mo in wasted API credits by using simple searches and clear reports."
"The solution is stable and reliable."
"it can explain to management about what kind of traffic is visiting the network. It can also explain other traffic coming in and out, along with protecting against malware."
"The UI of Splunk makes it easier for our analysts to move around and see what they need to see."
"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."
"AlienVault provides a checklist answer when using SIEM."
"It has allowed us to see what is happening on our servers."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"Ease of deployment across various environments."
"AlienVault has an advanced component within one package. With this, we can cover more area with one solution."
"In the next release, I want to see more intelligence."
"It would be better if the product is cheaper."
"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."
"The console in older versions is not user-friendly."
"It is really difficult to work in ArcSight Logger, as it is very slow."
"I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this."
"The product's connectors should work better and the user manuals need an update."
"The platform is quite expensive. They should reduce its cost."
"Writing queries is a bit complicated sometimes."
"The solution could improve by making it more business analysis oriented. The way it is now is designed more for developers."
"Enterprise security: Splunk must work on clarifying the solution to customers and explain how to gain more from it."
"While Splunkbase (the app repository) has a lot of great content, some apps are terribly old and could stand to be updated or purged."
"The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson."
"The configuration could be better."
"The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client."
"Professional support is great, but too expensive."
"Different functions to customize reports should be added."
"The reporting and dashboards have room for improvement."
"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."
"The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case."
"The GUI needs to improve because it's not user-friendly."
"The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management."
"It would be nice to see some machine learning and monitoring of the configuration in network devices."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
