Try our new research platform with insights from 80,000+ expert users

ArcSight Logger vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
29th
Average Rating
7.8
Number of Reviews
31
Ranking in other categories
No ranking in other categories
LogRhythm SIEM
Ranking in Log Management
10th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
172
Ranking in other categories
Security Information and Event Management (SIEM) (6th)
 

Mindshare comparison

As of November 2024, in the Log Management category, the mindshare of ArcSight Logger is 0.9%, down from 1.4% compared to the previous year. The mindshare of LogRhythm SIEM is 2.6%, down from 3.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Nagendra Nekkala. - PeerSpot reviewer
Dec 1, 2023
A scalable and stable solution that enables users to see all the event logs in one place
The product helps me see all the event logs in one place. When I look into the application, I can see different levels of alerts and make the required decision The solution provides information about the risk factors. It also provides information on our security exposure. There are multiple…
Joseph W. - PeerSpot reviewer
Oct 18, 2022
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is one of the best products available in the market."
"In our country we are a little bit private in terms of solutions, so we are just starting to use the basic data capture. Now some users can start to use additional features that come with Micro Focus ArcSight like user behavior analytics for investigating."
"It's a brilliant log collection tool, and it can handle hundreds of thousands of servers in a single shot to ingest the data."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"It provides in-depth information on business activities once we log into the system."
"The machine learning is a good feature."
"We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist."
"We check a lot of logs in ArcSight Logger because we're running a massive database platform."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"Technical support has always been helpful."
"The dashboards in the LogRhythm SIEM really help us as a starting point. It gives us a starting point we can go to every day. We walk through several dashboards to see anomalous activity for further investigation."
"LogRhythm has increased productivity because all the tools that we need are in the web UI, allowing us to find threats on our network fast and efficiently."
"It allows us to automate a lot of things with a smaller team."
"The most useful feature that I've found so far is the search function. I like all the different ways you're able to search through metadata and the different ways you're able to correlate or search through logs to find out what's going on."
"Its ability to work with all different sorts of log sources has been extremely valuable."
"The ability to investigate a particular period of time where you can analyze logs is its most valuable feature."
 

Cons

"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"In the next release, I want to see more intelligence."
"The solution should make it possible to integrate network analysis features."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"The next release should have AI capabilities."
"The console in older versions is not user-friendly."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this."
"LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."
"We do about 750 million a day and some days we do 715 million. Some days we do 820 million or 1.2 billion. But there's no way to drill in and find out: "Where did I get 400,000 extra logs today?" What was going on in my environment that I was able to absorb that peak? I have no way to identify it without running reports, which will produce a long-running PDF that I have to somehow compare to another long-running PDF... I would like to see like profiling behavior awareness around systems like they've been gunned to do around users with UEBA."
"When we originally got LogRhythm, their tech support was fantastic, and I loved them. Now, we don't quite get as quick of a response. I've been disappointed in the more recent tech support. When you call in, they'll say that they will get you somebody, and you'll finally get someone who will contact you back a day or so later. Whereas before, I would get help right away."
"My biggest complaint is documentation. Everyone tells me, "We have documentation on the Community site." I have searched for different types of documentation on numerous occasions, and it might be there, but it's not easily findable."
"I don't think the cloud model in LogRhythm is developed enough."
"I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph."
"The responses provided by the cloud team are inefficient."
"LogRhythm SIEM can improve its user interface. The current interface is quite complex and can be challenging to navigate. While it offers many valuable features, understanding how to access and utilize them efficiently takes time. Simplifying the client console's user interface would significantly enhance the user experience and make it more user-friendly."
 

Pricing and Cost Advice

"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"We have a lifetime license, so we don't pay a monthly fee."
"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"The pricing is quite harsh."
"ArcSight is an expensive solution."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"I would rate the product a seven out of ten since it's an enterprise product."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"I have seen a measurable decrease in the mean time to detect and respond to threats. We went from not detecting them to detecting them. We can actually pick up what is anomalous in our network now."
"It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As it comes out new features and new releases, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"The support which allows more customized to the environment when we are deploying new systems is called Professional Service and is very expensive. The technical annual support and there is an annual fee."
"I give the price a six out of ten."
"We did a five-year agreement. We pay close to a quarter of a million dollars for our solution."
"I would rate the pricing 4 out of 5. There are no additional costs to the standard licensing fees."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Computer Software Company
15%
Government
10%
Educational Organization
6%
Educational Organization
43%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
What needs improvement with ArcSight Logger?
The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What do you like most about LogRhythm NextGen SIEM?
LogRhythm does a very good job of helping SOCs manage their workflows.
What is your experience regarding pricing and costs for LogRhythm NextGen SIEM?
LogRhythm's pricing and licensing are extremely competitive and it's one of the top three reasons we continue to invest in the platform.
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about ArcSight Logger vs. LogRhythm SIEM and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.