| Type | Title | Date | |
|---|---|---|---|
| Category | Log Management | Mar 7, 2025 | Download |
| Product | Reviews, tips, and advice from real users | Mar 7, 2025 | Download |
| Comparison | ArcSight Logger vs Wazuh | Mar 7, 2025 | Download |
| Comparison | ArcSight Logger vs Splunk Enterprise Security | Mar 7, 2025 | Download |
| Comparison | ArcSight Logger vs Datadog | Mar 7, 2025 | Download |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Wazuh | 3.7 | 15.0% | 79% | 46 interviewsAdd to research |
| Dynatrace | 4.4 | 5.3% | 95% | 345 interviewsAdd to research |
ArcSight Logger is an impressive tool for collecting and analyzing large amounts of log data. The UEBA feature has reduced event response time, while the provisioning engine is highly valued. The solution is specifically designed to manage large environments of network devices and servers. The log digestion features from threat intelligence platforms are valuable, and it is capable of handling massive database platforms. Users appreciate the speed of search operations and ease of exporting and forwarding logs to other products.
Areas for improvement in ArcSight Logger include better functioning connectors and updated user manuals. Some find the product slow, making it difficult to work with, and the dashboard is not intuitive or efficient, requiring training to use effectively. There have also been issues with storage capacity, and the search mechanism is complicated for new users. There are also performance issues noted by some when ingesting and forwarding data.
ArcSight Logger is seen to be an expensive and difficult enterprise product to set up. Licensing costs are charged yearly and are standard.
Users report positive experiences with ArcSight Logger's customer service and technical support. The support is considered good, with some users praising their cooperation and accommodation during the problem-solving process.
There have been complaints about the availability of level-3 engineers in certain time zones, leading to delays in receiving support.
Some found the initial setup straightforward and easy, while others found it to be time-consuming and complex. There are multiple components to address, and setting up the use cases can also take a significant amount of time.
The scalability of ArcSight Logger is highly praised by its users, with many rating it a 10 out of 10. The solution is easy to expand and add more sources to, with some users having up to 6,000 machines sending logs.
Proper identification of areas that require more resources is important for successful scaling, as the architecture of ArcSight Logger can become complex for larger organizations.
ArcSight Logger is found to be a stable solution.
ArcSight Logger was previously known as Micro Focus Arcsight Logger, HPE Arcsight Logger.
The functionalities of this particular server is absolutely phenomenal. The server has the ability to provide in-depth, real-time awareness of all actives on the network.
The platform also gives the administrators the ability to turn off some of the options displayed in case they don't need to see those specific sections.
The ability to query anything at any time using any specific field required, and the ability to automate the logger storage capabilities are great features.
Before the logger was installed on our network, we were very limited as to what type of information we could get back from our previous logger because the old one didn't have as many functionalities.
With ArcSight Logger, our ability to have a more in-depth look into the network traffic and the ability to save the reports for a set amount of time was a huge improvement.
The only thing I did not particularly like about the product was its speed on the web interface. It took very long for it to populate and perform the queries.
I used this product as a network administrator for two years.
The installation of the server and its agents on the network devices went extremely smoothly. The only issue we had was finding the correct agents to install on our older UNIX-based servers for which we had to contact HP to get information on how to go about acquiring the correct agents.
We have had no issues with the stability.
We had no issues scaling it for our needs.
We never actually had to call customer support because of the technical forums available to all ArcSight users who could share information and help troubleshoot in case anything was wrong or unclear about how to set up and use the system.
We were using a different product for our monitoring and logging services. The reason why we chose to switch over was the in-depth analysis capabilities provided by HP ArcSight which were not previously available to us.
Initially, we had some trouble finding the right agents to install on our servers since we were using some proprietary software on the network, but after we got past that step, everything else was pretty straightforward.
We had one agent come out to our office to assist us with the implementation.
Start using the available resources by registering your product immediately after deploying the unit and contributing to the ArcSight community.
Also, once you decide to go with ArcSight, make sure you go with the complete solution recommended by HP based on the size of your network because that could potentially cause the ArcSight server to perform extremely slow.
