Try our new research platform with insights from 80,000+ expert users

ArcSight Intelligence vs LogRhythm SIEM comparison

OpenText and LogRhythm are both solutions in the Security Information and Event Management (SIEM) category. OpenText is ranked #37 with an average rating of 8.0, while LogRhythm is ranked #6 with an average rating of 7.6. OpenText holds a 0.3% mindshare in SIEM, compared to LogRhythm’s 3.3% mindshare. Additionally, 80% of OpenText users are willing to recommend the solution, compared to 89% of LogRhythm users who would recommend it.
ArcSight Intelligence
Read 5 ArcSight Intelligence reviews
  • 516 Views
  • 371 Comparison Views
80% willing to recommend
LogRhythm SIEM
Read 172 LogRhythm SIEM reviews
  • 8,283 Views
  • 4,756 Comparison Views
89% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

LogRhythm SIEM and ArcSight Intelligence are two prominent SIEM solutions in the market. Users report being more satisfied with the features and usability of ArcSight Intelligence but prefer LogRhythm SIEM for its pricing and customer support.

Features: LogRhythm SIEM's valuable features include real-time monitoring, advanced threat detection, and comprehensive incident response capabilities. ArcSight Intelligence is praised for its scalability, high-powered analytics, and machine learning capabilities. ArcSight Intelligence is favored for its advanced analytics and scalability, while LogRhythm SIEM is commended for its real-time threat detection.

Room for Improvement: LogRhythm SIEM users suggest improvements in the dashboard customization and reporting features. ArcSight Intelligence users point out the need for better integration capabilities and reduced complexity. While both products have areas for enhancement, LogRhythm SIEM's need for better customization and ArcSight Intelligence's call for simplified integration are notable.

Ease of Deployment and Customer Service: LogRhythm SIEM users find the deployment process straightforward and value the responsive customer service. ArcSight Intelligence has a more complex deployment process but is supported by detailed documentation. Users appreciate LogRhythm SIEM's ease of deployment and customer service responsiveness, whereas ArcSight Intelligence is seen as more challenging to deploy despite extensive documentation.

Pricing and ROI: Users find LogRhythm SIEM to have a competitive setup cost and satisfactory ROI. ArcSight Intelligence has higher initial costs, but users feel the advanced features justify the expense. LogRhythm SIEM is recognized for its cost-effectiveness, while ArcSight Intelligence is considered worth its higher price due to its feature set.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Intelligence vs. LogRhythm SIEM Report (Updated: October 2024).
Buyer's Guide
ArcSight Intelligence vs. LogRhythm SIEM
October 2024
Download the complete report
Helped 814,649 peers since 2012
 

Categories and Ranking

ArcSight Intelligence
Ranking in Security Information and Event Management (SIEM)
37th
Average Rating
8.0
Number of Reviews
5
Ranking in other categories
User Entity Behavior Analytics (UEBA) (17th)
LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
6th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
172
Ranking in other categories
Log Management (10th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Intelligence is 0.3%, down from 0.3% compared to the previous year. The mindshare of LogRhythm SIEM is 3.3%, down from 4.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Nagendra Nekkala - PeerSpot reviewer
Nov 21, 2023
A user-friendly solution that can be used to integrate the logs properly with different connectors
We use ArcSight Intelligence for some user behavioral analytics. The solution is used to integrate the logs properly with different Unix-based and Microsoft-based connectors. The solution gives us alerts on a single console to give us clear visibility of the total network and filter the unnecessary…
Read full review
Joseph W. - PeerSpot reviewer
Oct 18, 2022
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product has a valuable interface."
"The platform helps us improve threat detection capabilities."
"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."
"The ability to tailor an environment to suit our specific use cases is a major advantage of ArcSight compared to other logging servers such as Splunk."
"We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
"I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"The content in the community is very helpful and useful for new users."
"The product is great for medium to large-scale organizations."
"We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program."
More LogRhythm SIEM pros
 

Cons

"We haven't found the product fully scalable."
"The dashboard is not user-friendly and is in black and white."
"ArcSight Intelligence's pricing needs improvement."
"ArcSight Intelligence is a bit slower, and its speed should be improved."
"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"The responses provided by the cloud team are inefficient."
"Sometimes, the tool fails to get the correlated events that triggered the alerts."
"There is room for improvement with separate running sources or better integration."
"We have run into problems with stability going through upgrade processes. Recently, we have been on the front edge of the upgrade path. When that happens we tend to run into issues either with certain functionality not working after the upgrades or stability issues because of the upgrades."
"Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"The product's stability needs improvement."
More LogRhythm SIEM cons
 

Pricing and Cost Advice

"It is an expensive platform."
"Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis."
"ArcSight Intelligence is an expensive solution."
"The solution is expensive and only suitable for enterprise environments."
"They offer perpetual licenses for the product."
"We work with French-speaking African countries, and it costs more than the average SIEM solution. Also, the pricing isn't too flexible. AlienVault, Splunk, and IBM QRadar are more suitable for customers on a tight budget."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
"It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
"In the context of our country, the price of this solution is too high."
"It is a very cost-effective solution."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"I would recommend that whatever sales quotes to them upfront, they will probably go up. Because they are probably going to outgrow that very quickly or once they start getting everything into it, they are going to have to move up anyway."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
More LogRhythm SIEM pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
814,649 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
Read full review
 

Top Industries

By visitors reading reviews
Government
21%
Computer Software Company
18%
Financial Services Firm
8%
Manufacturing Company
6%
Educational Organization
43%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about ArcSight Interset / Intelligence?
The platform helps us improve threat detection capabilities.
See all answers
What is your experience regarding pricing and costs for ArcSight Interset / Intelligence?
They offer perpetual licenses for the product.
See all answers
What needs improvement with ArcSight Interset / Intelligence?
The product could be improved in several areas; it currently requires significant enhancement. Compared to QRadar and Splunk, ArcSight Intelligence falls behind, placing it as the third choice amon...
See all answers
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
See all answers
What do you like most about LogRhythm NextGen SIEM?
LogRhythm does a very good job of helping SOCs manage their workflows.
See all answers
What is your experience regarding pricing and costs for LogRhythm NextGen SIEM?
LogRhythm's pricing and licensing are extremely competitive and it's one of the top three reasons we continue to invest in the platform.
See all answers
 

Comparisons

ArcSight Enterprise Security Manager (ESM) vs ArcSight Intelligence Logo
ArcSight Enterprise Security Manager (ESM) vs ArcSight Intelligence
Compared 63% of the time
Microsoft Sentinel vs ArcSight Intelligence Logo
Microsoft Sentinel vs ArcSight Intelligence
Compared 37% of the time
More ArcSight Intelligence Competitors
IBM Security QRadar vs LogRhythm SIEM Logo
IBM Security QRadar vs LogRhythm SIEM
Compared 14% of the time
Splunk Enterprise Security vs LogRhythm SIEM Logo
Splunk Enterprise Security vs LogRhythm SIEM
Compared 13% of the time
Wazuh vs LogRhythm SIEM Logo
Wazuh vs LogRhythm SIEM
Compared 6% of the time
LogRhythm Axon vs LogRhythm SIEM Logo
LogRhythm Axon vs LogRhythm SIEM
Compared 6% of the time
Fortinet FortiSIEM vs LogRhythm SIEM Logo
Fortinet FortiSIEM vs LogRhythm SIEM
Compared 5% of the time
More LogRhythm SIEM Competitors
 

Product Reports

Buyer's Guide
Security Information and Event Management (SIEM)
October 2024
ArcSight Intelligence reportDownload ArcSight Intelligence product report
Buyer's Guide
LogRhythm SIEM
October 2024
LogRhythm SIEM reportDownload LogRhythm SIEM product report
 

Also Known As

ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Learn More

OpenText
LogRhythm
 

Overview

Empower your threat hunting team to pre-empt elusive attacks with anomaly detection powered by security AI to find insider threats, zero-day attacks, and APTs.

LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:

● Streamlined workflow

● Secure data access

● Real-time visibility

● A unified user experience

● Management customization

Security information and event management (SIEM) solutions have been evolving for over a decade; their core functionality still acts as the most effective foundation for any organization’s technology stack. A SIEM solution enables an organization to centrally collect data across its entire network environment to gain real-time visibility into activity that may pose a risk to the organization. SIEM technology addresses threats before they become significant financial risks while simultaneously helping better manage an organization’s assets.

LogRhythm SIEM has many key features and capabilities, including:

High-Performance Log Management: LogRhythm SIEM offers structured and unstructured search capabilities which allows users to swiftly search across an organization’s vast data to easily find answers, identify IT and security issues, and troubleshoot issues. Users can efficiently process and index terabytes of log data daily.

Network and Endpoint Monitoring: Forensic sensors allow users to gain deep visibility into endpoint and network activity. Users can see behavioral anomalies and better respond to incidents.

SmartResponse™ Automation: LogRhythm SIEM allows users to centrally execute pre-staged actions that automate incident investigatory tasks and responses.

Automated Machine Analytics: LogRhythm SIEM's AI Engine continuously analyzes all collected security incidents and forensic data. Security teams are delivered precise, real-time intelligence about risk-prioritized threats.

Case and Security Incident Management: LogRhythm SIEM offers an integrated workflow so that threats don’t slip through the cracks. Collaboration tools help centrally manage and track investigations.

User and entity behavior analytics (UEBA): Embedded deterministic UEBA monitoring helps protect against insider threats.

Security orchestration, automation, and response (SOAR): LogRhythm SIEM includes our embedded SOAR solution to increase efficiency and higher-quality incident response with low mean time to response (MTTR).

Benefits to Using LogRhythm SIEM

The platform offers great value to security and IT operations. Users have the ability to map their security and IT operations to existing frameworks such as NIST and MITRE ATT&CK.

● The platform offers broad integration across security and IT vendors: Users benefit from support for integration with hundreds of security and IT solutions. In turn, this further extends SIEM capabilities and data collection.

● The platform provides compliance adherence, enforcement, and reporting: The prebuilt compliance modules automatically detect violations as they occur and remove the burden of manually reviewing audit logs.

Reviews from Real Users

LogRhythm SIEM stands out among its competitors for a number of reasons. Two major ones are its ability to be customized and its quick performance of queries.

Jason G., a senior cybersecurity engineer, writes, "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."

Andy W., principal consultant at ITSEC Asia, notes, “LogRhythm SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.”

 

Sample Customers

Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Buyer's Guide
ArcSight Intelligence vs. LogRhythm SIEM
October 2024
Free Report: ArcSight Intelligence vs. LogRhythm SIEM
Find out what your peers are saying about ArcSight Intelligence vs. LogRhythm SIEM and other solutions. Updated: October 2024.
DOWNLOAD NOW
814,649 professionals have used our research since 2012.
See our ArcSight Intelligence vs. LogRhythm SIEM report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.