Try our new research platform with insights from 80,000+ expert users

ArcSight Logger vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
31st
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
31
Ranking in other categories
No ranking in other categories
LogRhythm SIEM
Ranking in Log Management
11th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Security Information and Event Management (SIEM) (7th)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of ArcSight Logger is 0.8%, down from 1.2% compared to the previous year. The mindshare of LogRhythm SIEM is 2.2%, down from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Geraldo Freitas - PeerSpot reviewer
Enhances our security incident investigation but not good for correlation
Investigation is good when you know what you want to search for in Logger. The most difficult part is parsing the logs and configuring the parsers. For investigation, it's good. For correlation, it's not good. We use Sentinel, and Sentinel has pre-built use cases that are much easier to configure. So, it enhances our security incident investigation. We have inbound integration, but configuring the parsers is sometimes very difficult. We only have two use cases where we have a correlation set up. We send the information to Check Point to block IP addresses when we see a lot of blocks from the same source. We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist. So, it offers the ease of integration.
Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We haven't had any crashes or bugs. It is stable."
"The most valuable feature is the search capability, which is simple to use."
"ArcSight's robustness is its most valuable feature."
"It provides in-depth information on business activities once we log into the system."
"The ability to customize the solution in great detail is its most valuable features. We can customize the use cases and also have the ability to do scripting. We can personalize our dashboard as well. The scalability the solution offers is quite impressive."
"ArcSight provides the basic information that we want."
"In terms of ArcSight Logger's most valuable feature, it is their scalability. ArcSight's real advantage is its scalability because they have two layers, including the logger layer."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"It has centralized monitoring for our security operations. Therefore, it improves our analysts' work."
"In general, the visibility of events and advanced analysis of events are good."
"Its ability to work with all different sorts of log sources has been extremely valuable."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"Compliance reporting is another great feature of this product. It has built in reports right out of the box."
"LogRhythm SIEM offers advanced features such as AI engine modules, machine learning, and threat intelligence integration, which help reduce false positives. Advanced analytics streamlines incident response processes, enabling incident responders to prioritize and automate alerts."
"The Web Console is my favorite. It enables me, at a glance, to see the health of the environments."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
 

Cons

"The console in older versions is not user-friendly."
"In the next release, I want to see more intelligence."
"The solution must provide readymade connectors for different applications."
"Using the ArcSight Logger dashboard is not particularly intuitive or efficient, so it is important to be trained in its use."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"The initial setup was a little bit complex."
"The integration with other systems could be improved."
"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"Technical support could use a little work in the terms of responding back. The feedback that we received is they do need a little more staff."
"The customer support system is time-consuming."
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"When we originally got LogRhythm, their tech support was fantastic, and I loved them. Now, we don't quite get as quick of a response. I've been disappointed in the more recent tech support. When you call in, they'll say that they will get you somebody, and you'll finally get someone who will contact you back a day or so later. Whereas before, I would get help right away."
"I would like to see case management become more independent from LogRhythm itself."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
 

Pricing and Cost Advice

"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"I would rate the product a seven out of ten since it's an enterprise product."
"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"We have a lifetime license, so we don't pay a monthly fee."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"The pricing is quite harsh."
"ArcSight is an expensive solution."
"The nice thing about LogRhythm is you can either use the agents, getting a certain number of agents with your license depending on how you want to go, and those agents do a lot of cool things, or you can use CIS Log host, then you have like an unlimited number of them."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"In the context of our country, the price of this solution is too high."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
"In comparison to the competition, they are more affordable. This allows us to do more with less."
"The license cost is around $10 per MPS."
"It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Computer Software Company
16%
Government
8%
Manufacturing Company
6%
Educational Organization
45%
Computer Software Company
9%
Financial Services Firm
6%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
What needs improvement with ArcSight Logger?
The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about ArcSight Logger vs. LogRhythm SIEM and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.