Try our new research platform with insights from 80,000+ expert users

ArcSight Logger vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
31st
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
31
Ranking in other categories
No ranking in other categories
LogRhythm SIEM
Ranking in Log Management
11th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
173
Ranking in other categories
Security Information and Event Management (SIEM) (7th)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of ArcSight Logger is 0.8%, down from 1.2% compared to the previous year. The mindshare of LogRhythm SIEM is 2.2%, down from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Geraldo Freitas - PeerSpot reviewer
Enhances our security incident investigation but not good for correlation
Investigation is good when you know what you want to search for in Logger. The most difficult part is parsing the logs and configuring the parsers. For investigation, it's good. For correlation, it's not good. We use Sentinel, and Sentinel has pre-built use cases that are much easier to configure. So, it enhances our security incident investigation. We have inbound integration, but configuring the parsers is sometimes very difficult. We only have two use cases where we have a correlation set up. We send the information to Check Point to block IP addresses when we see a lot of blocks from the same source. We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist. So, it offers the ease of integration.
Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is one of the best products available in the market."
"The most valuable feature is the search capability, which is simple to use."
"ArcSight's robustness is its most valuable feature."
"The technical support team is good...It is a scalable solution."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"I am impressed with the product's ability to pick up logs. It also has UEBA which has reduced the time to take charge of the events."
"The machine learning is a good feature."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"The user interface is good."
"We should be able to response to threats and gain visibility into our environment that we don't currently have."
"The log analysis feature is valuable."
"Provides visibility into the network."
"The most valuable feature of LogRhythm for me is the ability to correlate logs throughout many different log sources."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
 

Cons

"ArcSight has been sold two or three times, and the quality has decreased."
"The next release should have AI capabilities."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"The solution could be improved in maintenance settings."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"We have had problems with archiving."
"In the next release, I want to see more intelligence."
"We find that the search and access functionality is quite slow."
"I have probably submitted half a dozen log parser requests, and I keep finding more stuff that we need to keep an eye on that doesn't have a definition in LogRhythm."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"The web and on-premise console interface should be the same instead of having a separate engine for each."
"The customer support system is time-consuming."
"The integration is slightly difficult with other assets, like EDR technologies or firewalls."
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"LogRhythm's SOAR and NDR features don't stack up well against competitors. maybe integrating theme functionality as the other do. But in general, it's okay."
 

Pricing and Cost Advice

"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"I would rate the product a seven out of ten since it's an enterprise product."
"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"The pricing is quite harsh."
"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"ArcSight is an expensive solution."
"We have a lifetime license, so we don't pay a monthly fee."
"I give the price a six out of ten."
"The nice thing about LogRhythm is you can either use the agents, getting a certain number of agents with your license depending on how you want to go, and those agents do a lot of cool things, or you can use CIS Log host, then you have like an unlimited number of them."
"LogRhythm's pricing and licensing is extremely competitive and it's one of the top three reasons we continue to invest in the platform."
"It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"We work with French-speaking African countries, and it costs more than the average SIEM solution. Also, the pricing isn't too flexible. AlienVault, Splunk, and IBM QRadar are more suitable for customers on a tight budget."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As it comes out new features and new releases, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
17%
Government
9%
Educational Organization
6%
Educational Organization
40%
Computer Software Company
9%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
What needs improvement with ArcSight Logger?
The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
The SOAR capabilities need improvements as they currently require programming knowledge. A more user-friendly user interface with drag-and-drop features, similar to key competitors like Splunk, wou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about ArcSight Logger vs. LogRhythm SIEM and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.