ArcSight Logger vs USM Anywhere comparison

OpenText and LevelBlue are both solutions in the Log Management category. OpenText is ranked #30 with an average rating of 6.7, while LevelBlue is ranked #44 with an average rating of 7.3. OpenText holds a 0.8% mindshare in Log Management, compared to LevelBlue’s 0.4% mindshare. Additionally, 80% of OpenText users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.

ArcSight Logger

Read 31 ArcSight Logger reviews

1,433 Views
1,292 Comparison Views

80% willing to recommend

USM Anywhere

Read 115 USM Anywhere reviews

1,261 Views
864 Comparison Views

92% willing to recommend

ArcSight Logger

USM Anywhere

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 9, 2024

ArcSight Logger and USM Anywhere compete in the security solutions category. USM Anywhere holds an advantage with its all-in-one SIEM capabilities, while ArcSight Logger is highly regarded for its strong logging features.

Features: ArcSight Logger delivers extensive log management, comprehensive data analysis, and timely threat intelligence updates. Its detailed logging capabilities make it a valuable asset for users focusing on deep log insights. USM Anywhere provides robust threat detection and response features, making it ideal for organizations seeking an integrated approach to security. The platform’s all-in-one capabilities offer a streamlined solution for managing various security needs.

Room for Improvement: ArcSight Logger could enhance scalability, improve reporting features, and simplify its deployment process. USM Anywhere needs better integration with third-party applications, enhancements in automation capabilities, and refined integration features. These changes could significantly enhance their performance and user satisfaction.

Ease of Deployment and Customer Service: ArcSight Logger’s on-premises deployment model can be complex, but its customer service is noted for being responsive and helpful. USM Anywhere benefits from a cloud-based deployment, offering quicker and more flexible implementation, complemented by a proactive support team.

Pricing and ROI: ArcSight Logger’s setup costs are seen as high, potentially affecting ROI negatively. However, its logging detail can justify the cost for specific users. USM Anywhere provides competitive pricing and strong ROI with its comprehensive security features, making it a cost-effective investment for many businesses.

To learn more, read our detailed ArcSight Logger vs. USM Anywhere Report (Updated: April 2025).

Buyer's Guide

ArcSight Logger vs. USM Anywhere

April 2025

Download the complete report

Helped 851,604 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

ArcSight Logger

Ranking in Log Management

30th

Average Rating

7.8

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

No ranking in other categories

USM Anywhere

Ranking in Log Management

44th

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

115

Ranking in other categories

Security Information and Event Management (SIEM) (30th), Endpoint Detection and Response (EDR) (51st), Compliance Management (12th)

Mindshare comparison

As of May 2025, in the Log Management category, the mindshare of ArcSight Logger is 0.8%, down from 1.1% compared to the previous year. The mindshare of USM Anywhere is 0.4%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Log Management

Featured Reviews

Geraldo Freitas

Analista de TI - suporte a redes e segurança at Tribunal de Contas da União

Enhances our security incident investigation but not good for correlation

Investigation is good when you know what you want to search for in Logger. The most difficult part is parsing the logs and configuring the parsers. For investigation, it's good. For correlation, it's not good. We use Sentinel, and Sentinel has pre-built use cases that are much easier to configure. So, it enhances our security incident investigation. We have inbound integration, but configuring the parsers is sometimes very difficult. We only have two use cases where we have a correlation set up. We send the information to Check Point to block IP addresses when we see a lot of blocks from the same source. We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist. So, it offers the ease of integration.

Read full review

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

Offers complete coverage without the need to install additional software

USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"ArcSight's robustness is its most valuable feature."

"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."

"Our return on investment for implementing ArcSight Logger over the past 12 months has been positive."

"We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist."

"The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console."

"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."

"The machine learning is a good feature."

"It provides in-depth information on business activities once we log into the system."

More ArcSight Logger pros

"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."

"Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour."

"The IDS and the threat intelligence are very useful. They are very intuitive and data-rich."

"It is my "security person" looking at irregularities and letting me know when something has occurred."

"This solution can completely detect and prevent incidents on your network."

"The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable."

"The pricing is amazing and really cheap."

"The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."

More USM Anywhere pros

Cons

"The solution could be improved in maintenance settings."

"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."

"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."

"The platform is quite expensive. They should reduce its cost."

"The console in older versions is not user-friendly."

"In the next release, I want to see more intelligence."

"The solution must provide readymade connectors for different applications."

"The solution should make it possible to integrate network analysis features."

More ArcSight Logger cons

"The solution is a bit complicated. It could be simplified quite a bit."

"There is room for improvement in Log parsing."

"This solution could be easier to use."

"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."

"The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management."

"The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps."

"The dashboard could be improved as well as the level of customization."

"The reporting and dashboards have room for improvement."

More USM Anywhere cons

Pricing and Cost Advice

"We have a lifetime license, so we don't pay a monthly fee."

"The pricing is quite harsh."

"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."

"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."

"It's not cheap at all as it's a big product and has been in the market for quite some time now."

"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."

"ArcSight is an expensive solution."

"I would rate the product a seven out of ten since it's an enterprise product."

"It's saved security costs."

"Do the one month trial and try to work out the kinks during it, as it has free support and service hours."

"We pay around $12,000 a year including storage."

"I rate the price of AT&T AlienVault USM a four out of five."

"The pricing is a good value. The key thing is that for the new product, the licensing of it, is subscription-based and it's based on data. Clients need to be really careful when thinking about that, because odds are they're going to need to put a lot more data into it than what they initially estimate, which is going to drive their subscription costs up."

"The vulnerability management solution is worse than buying a Nessus Professional license."

"I don't know exactly, but I know it is based on the number of logs and the retention duration, such as 30 days or something like that. So, the smallest package is about 500 a month for 30 days of logs. There is a virtual machine. You need resources for it. It is a log collecting VM. They provide the software, and you just have to load a virtual machine. So, you're going to incur some CPU RAM and storage for wherever this log collecting appliance is running, which typically is in our cloud and on our platform for the customer."

"So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair."

More USM Anywhere pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Log Management solutions are best for your needs.

See recommendations

851,604 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

20%

Computer Software Company

17%

Government

Educational Organization

Computer Software Company

19%

Financial Services Firm

Comms Service Provider

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about ArcSight Logger?

We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.

See all answers

What is your experience regarding pricing and costs for ArcSight Logger?

The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.

See all answers

What needs improvement with ArcSight Logger?

The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...

See all answers

What do you like most about AT&T AlienVault USM?

The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.

See all answers

What is your experience regarding pricing and costs for AT&T AlienVault USM?

The pricing is amazing and really cheap.

See all answers

What needs improvement with AT&T AlienVault USM?

There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.

See all answers

Comparisons

Splunk Enterprise Security vs ArcSight Logger

Compared 37% of the time

IBM Security QRadar vs ArcSight Logger

Compared 34% of the time

Elastic Security vs ArcSight Logger

Compared 10% of the time

Wazuh vs ArcSight Logger

Compared 8% of the time

Grafana Loki vs ArcSight Logger

Compared 4% of the time

More ArcSight Logger Competitors

AlienVault OSSIM vs USM Anywhere

Compared 27% of the time

Splunk Enterprise Security vs USM Anywhere

Compared 12% of the time

Wazuh vs USM Anywhere

Compared 11% of the time

Rapid7 InsightIDR vs USM Anywhere

Compared 10% of the time

IBM Security QRadar vs USM Anywhere

Compared 8% of the time

More USM Anywhere Competitors

Product Reports

Buyer's Guide

ArcSight Logger

May 2025

Download ArcSight Logger product report

Buyer's Guide

USM Anywhere

April 2025

Download USM Anywhere product report

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger

AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity

Overview

HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.

OpenText

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery

Analyze

SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90-days of online, searchable events

Detect

Cloud intrusion detection (AWS, Azure, GCP)
Network intrusion detection (NIDS)
Host intrusion detection (HIDS)
Endpoint Detection and Response (EDR)

Respond

Forensics querying
Automate & orchestrate response
Notifications and ticketing

Assess

Vulnerability scanning
Cloud infrastructure assessment
User & asset configuration
Dark web monitoring

Report

Pre-built compliance reporting templates
Pre-built event reporting templates
Customizable views and dashboards
Log storage

LevelBlue

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Buyer's Guide

ArcSight Logger vs. USM Anywhere

April 2025

Free Report: ArcSight Logger vs. USM Anywhere

Find out what your peers are saying about ArcSight Logger vs. USM Anywhere and other solutions. Updated: April 2025.

DOWNLOAD NOW

851,604 professionals have used our research since 2012.

See our ArcSight Logger vs. USM Anywhere report.

See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.