Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Logz.io comparison

OpenText and Logz.io are both solutions in the Security Information and Event Management (SIEM) category. OpenText is ranked #14 with an average rating of 7.1, while Logz.io is ranked #25 with an average rating of 8.4. OpenText holds a 1.2% mindshare in SIEM, compared to Logz.io’s 0.3% mindshare. Additionally, 88% of OpenText users are willing to recommend the solution, compared to 90% of Logz.io users who would recommend it.
ArcSight Enterprise Securit...
Read 96 ArcSight Enterprise Security Manager (ESM) reviews
  • 3,830 Views
  • 1,817 Comparison Views
88% willing to recommend
Logz.io
Read 8 Logz.io reviews
  • 652 Views
  • 455 Comparison Views
90% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

ArcSight Enterprise Security Manager (ESM) and Logz.io compete in the security event management category. Logz.io seems to have the upper hand due to its modern cloud-native architecture and user-centric features.

Features: ArcSight ESM offers a powerful correlation engine, extensive compliance reporting capabilities, and robust security management. Logz.io provides scalable cloud-based logging, advanced machine learning for insights, and innovative user-centric features.

Room for Improvement: ArcSight ESM users suggest a more intuitive setup process, enhanced reporting functionalities, and reduced complexity. Logz.io users seek better visualization tools, greater integration options, and enhanced machine learning capabilities.

Ease of Deployment and Customer Service: ArcSight ESM often requires dedicated resources for deployment and maintenance, while Logz.io's cloud-based solution simplifies deployment. Users report that Logz.io provides more responsive and efficient customer service, whereas ArcSight's support is sometimes slow but knowledgeable.

Pricing and ROI: ArcSight ESM tends to have higher setup costs and a longer ROI period due to its upfront investment and maintenance. Logz.io offers more flexible pricing and quicker ROI according to user reviews, making it a cost-effective choice for many organizations despite ArcSight's proven capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Enterprise Security Manager (ESM) vs. Logz.io Report (Updated: October 2024).
Buyer's Guide
ArcSight Enterprise Security Manager (ESM) vs. Logz.io
October 2024
Download the complete report
Helped 814,649 peers since 2012
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
14th
Average Rating
7.8
Number of Reviews
96
Ranking in other categories
No ranking in other categories
Logz.io
Ranking in Security Information and Event Management (SIEM)
25th
Average Rating
8.2
Number of Reviews
8
Ranking in other categories
Log Management (21st)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.2%, down from 1.8% compared to the previous year. The mindshare of Logz.io is 0.3%, down from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh Dubey - PeerSpot reviewer
Feb 14, 2024
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
Read full review
Derrick Brockel - PeerSpot reviewer
Dec 12, 2023
The solution is a consistent logging platform that provides excellent query mechanisms
We can query a lot of data points and build dashboards. The vendor is good at adjusting their models. Most companies want us to forecast our yearly use and pay it upfront on day one. With Logz.io, we commit to use 14 TB in a year. However, they measure us every month and give us a monthly bill. Depending on our monthly usage, we pay for 14 TB divided by 12 months or a little extra. It's a little bit more like AWS. Other solutions do not do it. They want their money upfront. We really like the dashboards. We have 36 sub-accounts. Each sub-account is an app, and we could put restrictions on that app. Previously, there were capacity restrictions on the sub-accounts. If we have a sub-account of 1 TB and use only 100 GB, we waste 900 GB that day. We could not share it between sub-accounts. Now, they provide an overhead volume. We do a reserve, and any sub-account could use anything over the reserve. It utilizes our footprint better.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It makes maintenance very easy."
"The tool sends an automated mail to all the operators, which makes it easy to share the information and reporting.​"
"The solution offers very good monitoring."
"The stability of ArcSight Enterprise Security Manager is good."
"I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me."
"We have been satisfied with the support."
"It gives better overall visibility. Before, we didn't have a unified system for managing security alerts. ArcSight introduced various alerts, giving us a better visibility of potential problems."
"We use ArcSight ESM for log analysis and security alerts. It warns us of threats and then helps us conduct a forensic investigation of a cyber attack or internal incident after it happens."
More ArcSight Enterprise Security Manager (ESM) pros
"InsightOne is the main reason why we use LogMeIn. This is mostly because of log data that we are pushing tools and logs in general."
"We use the product for log collection and monitoring."
"We use the tool to track the dev and production environment."
"It is massively useful and great for testing. We can just go, find logs, and attach them easily. It has a very quick lookup. Whereas, before we would have to go, dig around, and find the server that the logs were connected to, then go to the server, download the log, and attach it. Now, we can just go straight to this solution, type in the log ID and server ID, and obtain the information that we want."
"The visualizations in Kibana are the most valuable feature. It's much more convenient to have a visualization of logs. We can see status really clearly and very fast, with just a couple of clicks."
"The tool is simple to setup where it is just plug and play. The tool is reliable and we never had any performance issues."
"The query mechanism for response codes and application health is valuable."
"The other nice thing about Logz.io is their team. When it comes to onboarding, their support is incredibly proactive. They bring the brand experience from a customer services perspective because their team is always there to help you refine filters and tweak dashboards. That is really a useful thing to have. Their engagement is really supportive."
 

Cons

"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."
"I would like for them to integrate mobile devices. Integration or any kind of functionality which will act as a substitute for IBM so that we can really track our mobile devices as well as look at SIEM."
"ArcSight ESM needs to improve performance, user interface, and automation."
"The initial setup could be more straightforward."
"The correlation engine effectively connects different events, significantly improving our detection reach. However, limitations exist with non-default alerts, where additional costs arise for integration."
"When I asked our networking juniors for a comparison between LogRhythm and ArcSight, they said that both platforms are almost the same. It is just that LogRhythm is more modern with a digital platform, which probably gives it some advantage over ArcSight. ArcSight is a very old and mature product that is running on an old platform. It is an old legacy platform. In terms of new features, it just requires platform upgrades so that it becomes lighter and easily adaptable, specifically in the cloud. It would be a good thing if they can also make reporting easier."
"We have pricing issues. ArcSight ESM may not be the most user-friendly option, and its interface is quite traditional. However, despite these aspects, we find it a good cybersecurity solution. It needs to improve the dashboards, documentation, and support as well."
"It would be nice to have it on the cloud so that you can deploy it easily, saving time and resources."
More ArcSight Enterprise Security Manager (ESM) cons
"The solution needs to expand its access control and make it accessible through API."
"Capacity planning could be a little bit of a struggle."
"When it comes to reducing our troubleshooting time, it depends. When there are no bugs in Logz.io, it reduces troubleshooting by 5 to 10 percent. When there are bugs, it increases our troubleshooting time by 200 percent or more."
"The solution needs to improve its data retention. It should be greater than seven days. The product needs to improve its documentation as well."
"I would like granularity on alerting so we can get tentative alerts and major alerts, then break it down between the two."
"The product needs improvement from a filtering perspective."
"The price can be cheaper and they should have better monitoring."
"I would like them to improve how they manage releases. Some of our integrations integrate specifically with set versions. Logz.io occasionally releases an update that might break that integration. On one occasion, we found out a little bit too late, then we had to roll it back."
 

Pricing and Cost Advice

"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."
"ArcSight can be a little bit expensive because of the area that we work in and the cost. Licensing is mostly on a yearly basis, not monthly."
"The cost of the solution is not very high, although hiring a qualified analyst to work with the product is expensive."
"ArcSight ESM is an affordable solution, it cost approximately $200,000 for three years. This price was at a substantial discount."
"There is a license required for this solution."
"Price-wise, ArcSight ESM was a bit high compared to competitors, which factored into our decision to switch to Splunk. It couldn't cover all our business needs for what we wanted to implement."
"We're paying a fee for an MSSP, and the cost of the total cost of ArcSight ESM was approximately three to four million dollars a year. The price was less than similar solutions. We did not have additional fees."
"Aggregation can help a lot in pushing down licensing costs."
More ArcSight Enterprise Security Manager (ESM) pricing and cost advice
"The product's pricing is cheaper than other solutions."
"The product is a little expensive."
"You pay for what you need, and that is a good model. They are also quite happy to talk to you about your uses and your use case. They will even go as far as suggesting things that you don't need to do in order to save you money. At one point, I was quite surprised at how cheap it could be if we wanted it to be or how much they would help us manage our costs."
"The tool is an open source product."
"At the time it was set up, we thought Logz.io was very reasonable for what we were getting in terms of how much time and hosting costs it was saving us, because you don't have to run the servers for it anymore."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
814,649 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
14%
Manufacturing Company
10%
Government
10%
Computer Software Company
15%
Financial Services Firm
12%
Healthcare Company
11%
Comms Service Provider
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
See all answers
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
See all answers
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight is expensive.
See all answers
What do you like most about Logz.io?
The query mechanism for response codes and application health is valuable.
See all answers
What is your experience regarding pricing and costs for Logz.io?
The product is a little expensive. We're pushing 17 TB. It costs us one and a half million dollars a year.
See all answers
What needs improvement with Logz.io?
Capacity planning could be a little bit of a struggle. The product must add some AI capabilities to learn from previous behaviors. Instead of us setting thresholds, the tool should learn the thresh...
See all answers
 

Comparisons

Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM) Logo
Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM)
Compared 23% of the time
Trellix ESM vs ArcSight Enterprise Security Manager (ESM) Logo
Trellix ESM vs ArcSight Enterprise Security Manager (ESM)
Compared 13% of the time
IBM Security QRadar vs ArcSight Enterprise Security Manager (ESM) Logo
IBM Security QRadar vs ArcSight Enterprise Security Manager (ESM)
Compared 9% of the time
Elastic Security vs ArcSight Enterprise Security Manager (ESM) Logo
Elastic Security vs ArcSight Enterprise Security Manager (ESM)
Compared 8% of the time
ArcSight Intelligence vs ArcSight Enterprise Security Manager (ESM) Logo
ArcSight Intelligence vs ArcSight Enterprise Security Manager (ESM)
Compared 7% of the time
More ArcSight Enterprise Security Manager (ESM) Competitors
Datadog vs Logz.io Logo
Datadog vs Logz.io
Compared 37% of the time
Coralogix vs Logz.io Logo
Coralogix vs Logz.io
Compared 23% of the time
Wazuh vs Logz.io Logo
Wazuh vs Logz.io
Compared 11% of the time
Grafana Loki vs Logz.io Logo
Grafana Loki vs Logz.io
Compared 11% of the time
Graylog vs Logz.io Logo
Graylog vs Logz.io
Compared 9% of the time
More Logz.io Competitors
 

Product Reports

Buyer's Guide
ArcSight Enterprise Security Manager (ESM)
November 2024
ArcSight Enterprise Security Manager (ESM) reportDownload ArcSight Enterprise Security Manager (ESM) product report
Buyer's Guide
Logz.io
October 2024
Logz.io reportDownload Logz.io product report
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
Logz
 

Learn More

OpenText
Logz.io
 

Overview

ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.

ArcSight Enterprise Security Manager (ESM) Features

  • Real-time threat detection
  • Visualization and reporting capabilities
  • Patented log management
  • Personalized dashboards
  • Scalable event monitoring
  • Seamless integration with your existing SOC tools
  • Behavior profiling
  • Data and user monitoring
  • Application monitoring
  • Analytics
  • Deployment/support simplicity

ArcSight Enterprise Security Manager (ESM) Benefits

Some of the benefits of using ESM include:

  • Real-time information: ArcSight ESM can correlate data from any source in real-time to detect incidents before they become a breach.
  • Compliance: Optional compliance packs enable packaged reports for PCI, SOX, and IT Governance.
  • Security analytics: With ArcSight ESM, you can build and maintain a security operation center (SOC) through big data security analytics.
  • Integration: ArcSight ESM allows you to integrate SOC with network operations, service desk, CMDB, business intelligence, Hadoop, email security, application security, threat feeds, and more. 
  • Speed: ArcSight ESM provides excellent speed of event collection with patented log management tools. 
  • Advanced detection: ArcSight ESM can detect unusual or unauthorized activities as they occur, preventing business disruptions. 
  • Decrease threat exposure: By implementing ArcSight ESM, you reduce threat exposure because the solution detects threats in real time.  
  • Operational efficiency: ArcSight ESM makes it possible for you to automate responses with ArcSight’s native SOAR, which saves your organization time, and therefore increases your operational efficiency.

Reviews from Real Users

Below are some reviews and helpful feedback written by ArcSight Enterprise Security Manager (ESM) users.

A Head of Professional Services at a computer software company says, “The simplicity of the solution is the most valuable aspect of the product. The product is quite mature. It's been around for a long time. The integration is easy for the most part.”

A Managing partner at a tech services company states that the solution is “Good at consolidating logs, fairly stable, and can scale.” 

PeerSpot user Abbasi P., Vice President Derivatives Ops IT at a financial services firm, explains, “The user interfaces are quite good and speedy, and I like the consoles too. The typology and the setup are also good.”

A Chief Technological Officer at a tech services company says, "It is a very useful tool for intelligence building because it has many use cases and many rule sets."

An Associate Vice President at a consumer goods company comments, “We primarily use the solution for its technology including its independent logs, and those types of things. The solution offers very good monitoring. The product's log management and event management capabilities are excellent. There are a lot of really good analytical components. It helps us focus on analysis.”

Logz.io is a leading cloud-native observability platform that enables engineers to use the best open source tools in the market without the complexity of operating, managing, and scaling them. Logz.io offers four products: Log Management built on ELK, Infrastructure Monitoring based on Prometheus, Distributed Tracing based on Jaeger, and an ELK-based Cloud SIEM. These are offered as fully managed, integrated cloud services designed to help engineers monitor, troubleshoot and secure their distributed cloud workloads more effectively. Engineering driven companies like Siemens, Unity and ZipRecruiter use Logz.io to simplify monitoring and security workflows, increasing developer productivity, reducing time to resolve issues, and increasing the performance and security of their mission-critical applications.

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Dish Network, The Economist, Forbes, Holler, Kenshoo, OneSpan, Siemens, Sisense, Unity, ZipRecruiter
Buyer's Guide
ArcSight Enterprise Security Manager (ESM) vs. Logz.io
October 2024
Free Report: ArcSight Enterprise Security Manager (ESM) vs. Logz.io
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Logz.io and other solutions. Updated: October 2024.
DOWNLOAD NOW
814,649 professionals have used our research since 2012.
See our ArcSight Enterprise Security Manager (ESM) vs. Logz.io report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.