Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Logz.io comparison

OpenText and Logz.io are both solutions in the Security Information and Event Management (SIEM) category. OpenText is ranked #26 with an average rating of 7.0, while Logz.io is ranked #24 with an average rating of 8.4. OpenText holds a 1.1% mindshare in SIEM, compared to Logz.io’s 0.3% mindshare. Additionally, 88% of OpenText users are willing to recommend the solution, compared to 90% of Logz.io users who would recommend it.
ArcSight Enterprise Securit...
Read 97 ArcSight Enterprise Security Manager (ESM) reviews
  • 2,786 Views
  • 1,451 Comparison Views
88% willing to recommend
Logz.io
Read 8 Logz.io reviews
  • 524 Views
  • 368 Comparison Views
90% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

ArcSight Enterprise Security Manager (ESM) and Logz.io compete in the security event management category. Logz.io seems to have the upper hand due to its modern cloud-native architecture and user-centric features.

Features: ArcSight ESM offers a powerful correlation engine, extensive compliance reporting capabilities, and robust security management. Logz.io provides scalable cloud-based logging, advanced machine learning for insights, and innovative user-centric features.

Room for Improvement: ArcSight ESM users suggest a more intuitive setup process, enhanced reporting functionalities, and reduced complexity. Logz.io users seek better visualization tools, greater integration options, and enhanced machine learning capabilities.

Ease of Deployment and Customer Service: ArcSight ESM often requires dedicated resources for deployment and maintenance, while Logz.io's cloud-based solution simplifies deployment. Users report that Logz.io provides more responsive and efficient customer service, whereas ArcSight's support is sometimes slow but knowledgeable.

Pricing and ROI: ArcSight ESM tends to have higher setup costs and a longer ROI period due to its upfront investment and maintenance. Logz.io offers more flexible pricing and quicker ROI according to user reviews, making it a cost-effective choice for many organizations despite ArcSight's proven capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Enterprise Security Manager (ESM) vs. Logz.io Report (Updated: March 2025).
Buyer's Guide
ArcSight Enterprise Security Manager (ESM) vs. Logz.io
March 2025
Download the complete report
Helped 842,690 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
No ranking in other categories
Logz.io
Ranking in Security Information and Event Management (SIEM)
24th
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
8
Ranking in other categories
Log Management (20th)
 

Mindshare comparison

As of March 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.1%, down from 1.7% compared to the previous year. The mindshare of Logz.io is 0.3%, down from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
Read full review
Derrick Brockel - PeerSpot reviewer
The solution is a consistent logging platform that provides excellent query mechanisms
We can query a lot of data points and build dashboards. The vendor is good at adjusting their models. Most companies want us to forecast our yearly use and pay it upfront on day one. With Logz.io, we commit to use 14 TB in a year. However, they measure us every month and give us a monthly bill. Depending on our monthly usage, we pay for 14 TB divided by 12 months or a little extra. It's a little bit more like AWS. Other solutions do not do it. They want their money upfront. We really like the dashboards. We have 36 sub-accounts. Each sub-account is an app, and we could put restrictions on that app. Previously, there were capacity restrictions on the sub-accounts. If we have a sub-account of 1 TB and use only 100 GB, we waste 900 GB that day. We could not share it between sub-accounts. Now, they provide an overhead volume. We do a reserve, and any sub-account could use anything over the reserve. It utilizes our footprint better.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It makes maintenance very easy."
"The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation."
"ArcSight gives us better visibility into threats that were unknown earlier."
"I would rate the ease of use for new users an eight out of ten, with ten being easy to use. It is a good tool."
"The user interfaces are quite good and speedy."
"The solution offers very good monitoring."
"I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive."
"Very good real-time reporting with a good dashboard."
More ArcSight Enterprise Security Manager (ESM) pros
"The visualizations in Kibana are the most valuable feature. It's much more convenient to have a visualization of logs. We can see status really clearly and very fast, with just a couple of clicks."
"The query mechanism for response codes and application health is valuable."
"The tool is simple to setup where it is just plug and play. The tool is reliable and we never had any performance issues."
"InsightOne is the main reason why we use LogMeIn. This is mostly because of log data that we are pushing tools and logs in general."
"The other nice thing about Logz.io is their team. When it comes to onboarding, their support is incredibly proactive. They bring the brand experience from a customer services perspective because their team is always there to help you refine filters and tweak dashboards. That is really a useful thing to have. Their engagement is really supportive."
"We use the product for log collection and monitoring."
"It is massively useful and great for testing. We can just go, find logs, and attach them easily. It has a very quick lookup. Whereas, before we would have to go, dig around, and find the server that the logs were connected to, then go to the server, download the log, and attach it. Now, we can just go straight to this solution, type in the log ID and server ID, and obtain the information that we want."
"We use the tool to track the dev and production environment."
 

Cons

"ArcSight ESM is not easy to use and it should be integrated with other tools that have infrastructure capabilities."
"When we need to consume old events, we have to wait for a long time. ArcSight should improve the database capability to reply to queries faster. It would also be interesting if they implemented network visibility. For example, they could add a feature like NetWitness with a model just for looking through the packets."
"ArcSight ESM needs to improve performance, user interface, and automation."
"The initial setup is very complex. We had to architect a deployment which allowed us to incorporate an ever growing number of customers into our hosted instance of ArcSight."
"I would like to have a feature that gives us an entire report listing what devices are integrated."
"It is quite complex and could use a better UI. So the improvement would be a simplification. It is pretty complicated to use. The architecture is not complex but the setup and use are."
"I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions. We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved."
"There could be more API features for extracting logs on different devices included in the product."
More ArcSight Enterprise Security Manager (ESM) cons
"The product needs improvement from a filtering perspective."
"Capacity planning could be a little bit of a struggle."
"The price can be cheaper and they should have better monitoring."
"The solution needs to improve its data retention. It should be greater than seven days. The product needs to improve its documentation as well."
"I would like them to improve how they manage releases. Some of our integrations integrate specifically with set versions. Logz.io occasionally releases an update that might break that integration. On one occasion, we found out a little bit too late, then we had to roll it back."
"I would like granularity on alerting so we can get tentative alerts and major alerts, then break it down between the two."
"The solution needs to expand its access control and make it accessible through API."
"When it comes to reducing our troubleshooting time, it depends. When there are no bugs in Logz.io, it reduces troubleshooting by 5 to 10 percent. When there are bugs, it increases our troubleshooting time by 200 percent or more."
 

Pricing and Cost Advice

"ArcSight ESM is an affordable solution, it cost approximately $200,000 for three years. This price was at a substantial discount."
"ArcSight can be a little bit expensive because of the area that we work in and the cost. Licensing is mostly on a yearly basis, not monthly."
"The product licenses are inexpensive."
"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."
"The cost of the solution is not very high, although hiring a qualified analyst to work with the product is expensive."
"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."
"Pricing is good, I'd rate the pricing a seven out of ten, with ten being low price. It's better than Splunk and IBM QRadar because their pricing is based on EPS."
"There is a license required for this solution."
More ArcSight Enterprise Security Manager (ESM) pricing and cost advice
"The product's pricing is cheaper than other solutions."
"The product is a little expensive."
"You pay for what you need, and that is a good model. They are also quite happy to talk to you about your uses and your use case. They will even go as far as suggesting things that you don't need to do in order to save you money. At one point, I was quite surprised at how cheap it could be if we wanted it to be or how much they would help us manage our costs."
"At the time it was set up, we thought Logz.io was very reasonable for what we were getting in terms of how much time and hosting costs it was saving us, because you don't have to run the servers for it anymore."
"The tool is an open source product."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
842,690 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
15%
Manufacturing Company
11%
Government
9%
Computer Software Company
19%
Financial Services Firm
12%
Comms Service Provider
12%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
See all answers
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
See all answers
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
See all answers
What do you like most about Logz.io?
The query mechanism for response codes and application health is valuable.
See all answers
What is your experience regarding pricing and costs for Logz.io?
The product is a little expensive. We're pushing 17 TB. It costs us one and a half million dollars a year.
See all answers
What needs improvement with Logz.io?
Capacity planning could be a little bit of a struggle. The product must add some AI capabilities to learn from previous behaviors. Instead of us setting thresholds, the tool should learn the thresh...
See all answers
 

Comparisons

Trellix ESM vs ArcSight Enterprise Security Manager (ESM) Logo
Trellix ESM vs ArcSight Enterprise Security Manager (ESM)
Compared 23% of the time
Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM) Logo
Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM)
Compared 14% of the time
Elastic Security vs ArcSight Enterprise Security Manager (ESM) Logo
Elastic Security vs ArcSight Enterprise Security Manager (ESM)
Compared 10% of the time
Wazuh vs ArcSight Enterprise Security Manager (ESM) Logo
Wazuh vs ArcSight Enterprise Security Manager (ESM)
Compared 8% of the time
IBM Security QRadar vs ArcSight Enterprise Security Manager (ESM) Logo
IBM Security QRadar vs ArcSight Enterprise Security Manager (ESM)
Compared 7% of the time
More ArcSight Enterprise Security Manager (ESM) Competitors
Datadog vs Logz.io Logo
Datadog vs Logz.io
Compared 29% of the time
Coralogix vs Logz.io Logo
Coralogix vs Logz.io
Compared 21% of the time
Grafana Loki vs Logz.io Logo
Grafana Loki vs Logz.io
Compared 14% of the time
Amazon OpenSearch Service vs Logz.io Logo
Amazon OpenSearch Service vs Logz.io
Compared 11% of the time
Wazuh vs Logz.io Logo
Wazuh vs Logz.io
Compared 9% of the time
More Logz.io Competitors
 

Product Reports

Buyer's Guide
ArcSight Enterprise Security Manager (ESM)
March 2025
ArcSight Enterprise Security Manager (ESM) reportDownload ArcSight Enterprise Security Manager (ESM) product report
Buyer's Guide
Logz.io
March 2025
Logz.io reportDownload Logz.io product report
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
Logz
 

Overview

ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.

ArcSight Enterprise Security Manager (ESM) Features

  • Real-time threat detection
  • Visualization and reporting capabilities
  • Patented log management
  • Personalized dashboards
  • Scalable event monitoring
  • Seamless integration with your existing SOC tools
  • Behavior profiling
  • Data and user monitoring
  • Application monitoring
  • Analytics
  • Deployment/support simplicity

ArcSight Enterprise Security Manager (ESM) Benefits

Some of the benefits of using ESM include:

  • Real-time information: ArcSight ESM can correlate data from any source in real-time to detect incidents before they become a breach.
  • Compliance: Optional compliance packs enable packaged reports for PCI, SOX, and IT Governance.
  • Security analytics: With ArcSight ESM, you can build and maintain a security operation center (SOC) through big data security analytics.
  • Integration: ArcSight ESM allows you to integrate SOC with network operations, service desk, CMDB, business intelligence, Hadoop, email security, application security, threat feeds, and more. 
  • Speed: ArcSight ESM provides excellent speed of event collection with patented log management tools. 
  • Advanced detection: ArcSight ESM can detect unusual or unauthorized activities as they occur, preventing business disruptions. 
  • Decrease threat exposure: By implementing ArcSight ESM, you reduce threat exposure because the solution detects threats in real time.  
  • Operational efficiency: ArcSight ESM makes it possible for you to automate responses with ArcSight’s native SOAR, which saves your organization time, and therefore increases your operational efficiency.

Reviews from Real Users

Below are some reviews and helpful feedback written by ArcSight Enterprise Security Manager (ESM) users.

A Head of Professional Services at a computer software company says, “The simplicity of the solution is the most valuable aspect of the product. The product is quite mature. It's been around for a long time. The integration is easy for the most part.”

A Managing partner at a tech services company states that the solution is “Good at consolidating logs, fairly stable, and can scale.” 

PeerSpot user Abbasi P., Vice President Derivatives Ops IT at a financial services firm, explains, “The user interfaces are quite good and speedy, and I like the consoles too. The typology and the setup are also good.”

A Chief Technological Officer at a tech services company says, "It is a very useful tool for intelligence building because it has many use cases and many rule sets."

An Associate Vice President at a consumer goods company comments, “We primarily use the solution for its technology including its independent logs, and those types of things. The solution offers very good monitoring. The product's log management and event management capabilities are excellent. There are a lot of really good analytical components. It helps us focus on analysis.”

OpenText

Logz.io is a leading cloud-native observability platform that enables engineers to use the best open source tools in the market without the complexity of operating, managing, and scaling them. Logz.io offers four products: Log Management built on ELK, Infrastructure Monitoring based on Prometheus, Distributed Tracing based on Jaeger, and an ELK-based Cloud SIEM. These are offered as fully managed, integrated cloud services designed to help engineers monitor, troubleshoot and secure their distributed cloud workloads more effectively. Engineering driven companies like Siemens, Unity and ZipRecruiter use Logz.io to simplify monitoring and security workflows, increasing developer productivity, reducing time to resolve issues, and increasing the performance and security of their mission-critical applications.

Logz.io
 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Dish Network, The Economist, Forbes, Holler, Kenshoo, OneSpan, Siemens, Sisense, Unity, ZipRecruiter
Buyer's Guide
ArcSight Enterprise Security Manager (ESM) vs. Logz.io
March 2025
Free Report: ArcSight Enterprise Security Manager (ESM) vs. Logz.io
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Logz.io and other solutions. Updated: March 2025.
DOWNLOAD NOW
842,690 professionals have used our research since 2012.
See our ArcSight Enterprise Security Manager (ESM) vs. Logz.io report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.