ArcSight Logger vs Elastic Security comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Oct 9, 2024
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management: 29th
Average Rating: 7.8
Number of Reviews: 31
Ranking in other categories: none

Elastic Security
Ranking in Log Management: 5th
Average Rating: 7.6
Number of Reviews: 61
Ranking in other categories: Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
 

Mindshare comparison

As of November 2024, in the Log Management category, the mindshare of ArcSight Logger is 0.9%, down from 1.4% the previous year. The mindshare of Elastic Security is 5.0%, down from 8.1% the previous year. Mindshare is calculated based on PeerSpot user engagement data.
 

Featured Reviews

Nagendra Nekkala. - PeerSpot reviewer
Dec 1, 2023
A scalable and stable solution that enables users to see all the event logs in one place
The product helps me see all the event logs in one place. When I look into the application, I can see different levels of alerts and make the required decision. The solution provides information about the risk factors. It also provides information on our security exposure. There are multiple…
Gajewski Marek - PeerSpot reviewer
Aug 13, 2024
Provides good anomaly detection and connectivity reporting
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything. The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"ArcSight provides the basic information that we want."
"ArcSight's robustness is its most valuable feature."
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"The machine learning is a good feature."
"The technical support team is good...It is a scalable solution."
"It's a robust, mature product and you can do some really complex operations and analytics."
"The solution provides information about the risk factors."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"It's a good platform and the very best in the current market. We looked at the Forrester report from December 2022 where it was said to be a leader."
"We've found the initial setup to be quite straightforward."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The most valuable feature is the speed, as it responds in a very short time."
"It's very customizable, which is quite helpful."
"The tool's functionality is good for overall security and incident response times."
 

Cons

"In the next release, I want to see more intelligence."
"It would be better if the product is cheaper."
"The initial setup was a little bit complex."
"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."
"The solution must provide readymade connectors for different applications."
"It is really difficult to work in ArcSight Logger, as it is very slow."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"The solution could be improved in maintenance settings."
"Better integration with third-party APMs would be really good."
"I would like more ways to manage permissions and restrict access to certain users."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"The solution should generate an automatic product that integrates with ELK Stack to use artificial intelligence."
 

Pricing and Cost Advice

"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"ArcSight is an expensive solution."
"The pricing is quite harsh."
"I would rate the product a seven out of ten since it's an enterprise product."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"We have a lifetime license, so we don't pay a monthly fee."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"We are using the free, open-source version of this solution."
"This is an open-source product, so there are no costs."
"There is no charge for using the open-source version."
"Affordable but with additional costs"
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Financial Services Firm: 20%
Computer Software Company: 15%
Government: 10%
Educational Organization: 6%

Computer Software Company: 17%
Financial Services Firm: 10%
Government: 10%
University: 7%
 

Company Size

By reviewers (chart categories): Large Enterprise, Midsize Enterprise, Small Business
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
What needs improvement with ArcSight Logger?
The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
 

Also Known As

ArcSight Logger: Micro Focus Arcsight Logger, HPE Arcsight Logger
Elastic Security: Elastic SIEM, ELK Logstash
 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Find out what your peers are saying about ArcSight Logger vs. Elastic Security and other solutions. Updated: October 2024.