Try our new research platform with insights from 80,000+ expert users

ArcSight Logger vs Elastic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
29th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Elastic Security
Ranking in Log Management
5th
Average Rating
7.6
Reviews Sentiment
8.2
Number of Reviews
61
Ranking in other categories
Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
 

Mindshare comparison

As of November 2024, in the Log Management category, the mindshare of ArcSight Logger is 0.9%, down from 1.4% compared to the previous year. The mindshare of Elastic Security is 5.0%, down from 8.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Nagendra Nekkala. - PeerSpot reviewer
A scalable and stable solution that enables users to see all the event logs in one place
The technical support team is very slow. The support persons do not take prompt action. They take too much time to implement new changes. Even if we tell them that we are not able to get critical logs, they take almost three to four days to provide a resolution. The support is not good.
Gajewski Marek - PeerSpot reviewer
Provides good anomaly detection and connectivity reporting
We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a robust, mature product and you can do some really complex operations and analytics."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"It's an efficient solution."
"The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"ArcSight provides the basic information that we want."
"The machine learning is a good feature."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"It is one of the best products available in the market."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The feature that we have found the most valuable is scalability."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"It's very stable and reliable."
 

Cons

"The product's connectors should work better and the user manuals need an update."
"I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this."
"We have had problems with archiving."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"I would like to see better scheduling in the next release of this solution."
"It is really difficult to work in ArcSight Logger, as it is very slow."
"The initial setup was a little bit complex."
"In the next release, I want to see more intelligence."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"Better integration with third-party APMs would be really good."
"There isn't really a very good user experience. You need a lot of training."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"Sometimes, the solution isn't the easiest to use."
 

Pricing and Cost Advice

"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"I would rate the product a seven out of ten since it's an enterprise product."
"We have a lifetime license, so we don't pay a monthly fee."
"The pricing is quite harsh."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"ArcSight is an expensive solution."
"This is an open-source product, so there are no costs."
"We are using the free, open-source version of this solution."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"Compared to other products such as Dynatrace, this is one of the cheaper options."
"Affordable but with additional costs"
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Computer Software Company
16%
Government
10%
Manufacturing Company
6%
Computer Software Company
17%
Financial Services Firm
10%
Government
10%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
What needs improvement with ArcSight Logger?
The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
Elastic SIEM, ELK Logstash
 

Learn More

 

Overview

 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Find out what your peers are saying about ArcSight Logger vs. Elastic Security and other solutions. Updated: October 2024.
816,406 professionals have used our research since 2012.