Try our new research platform with insights from 80,000+ expert users

ArcSight Logger vs VMware Aria Operations for Logs comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024
 

Categories and Ranking

ArcSight Logger
Ranking in Log Management
28th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
31
Ranking in other categories
No ranking in other categories
VMware Aria Operations for ...
Ranking in Log Management
16th
Average Rating
8.2
Reviews Sentiment
6.5
Number of Reviews
25
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Log Management category, the mindshare of ArcSight Logger is 0.9%, down from 1.4% compared to the previous year. The mindshare of VMware Aria Operations for Logs is 1.2%, down from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Geraldo Freitas - PeerSpot reviewer
Enhances our security incident investigation but not good for correlation
Investigation is good when you know what you want to search for in Logger. The most difficult part is parsing the logs and configuring the parsers. For investigation, it's good. For correlation, it's not good. We use Sentinel, and Sentinel has pre-built use cases that are much easier to configure. So, it enhances our security incident investigation. We have inbound integration, but configuring the parsers is sometimes very difficult. We only have two use cases where we have a correlation set up. We send the information to Check Point to block IP addresses when we see a lot of blocks from the same source. We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist. So, it offers the ease of integration.
DineshKumar3 - PeerSpot reviewer
Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies
What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the search capability, which is simple to use."
"The ESM use cases are the most valuable. It enables us to use the big data collection inside our company. We are able to create use cases for whatever it suits and I find that the most interesting part of any SIEM solution."
"Our return on investment for implementing ArcSight Logger over the past 12 months has been positive."
"We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist."
"ArcSight provides the basic information that we want."
"Some of the most valuable features I really appreciate are the performance, how quick the solution is, and how easy it is to create a query."
"The technical support team is good...It is a scalable solution."
"It's an efficient solution."
"The ability to narrow into a specific time to filter heavy hitters and anomalies is extremely valuable."
"We are using it because we have a VMware product. It has its own built in dashboards for VMware products, and that's a good thing."
"One of the things I like about it is its interface. When it comes to generating reports on VMs and stuff, it's very quick. This is very handy for the technical team, who need to generate reports quickly. So that's really good."
"What I like is that you can have different storage locations for different applications."
"The tool helps my company deal with security and log analysis, which are very important areas for us...It is a scalable solution."
"It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."
"The ability to narrow into a specific time to filter heavy hitters and anomalies is extremely valuable."
"The root cause analysis feature is very valuable."
 

Cons

"It's not a new product and is a bit complex. So, it requires a person dedicated to working on it and to know about it in and out. It is a huge product, and the search operation is a bit complicated for a new user or someone who has not used it for long. So for that person, it becomes a bit difficult."
"The solution should make it possible to integrate network analysis features."
"You have limited reporting capabilities and I wouldn't choose ArcSight Logger for this purpose."
"The product's connectors should work better and the user manuals need an update."
"The speed of Logger indexing and searching for certain bugs for some queries that we provide could be improved. It can handle a huge number of logs but it can be improved."
"I would like to see better scheduling in the next release of this solution."
"The console in older versions is not user-friendly."
"I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."
"Log Insight should be better at dealing with audits and security logs. We use another product called QRadar for that."
"In the VMware environment, one area for improvement is the handling of VM failovers due to host failures, such as unexpected shutdowns from hardware issues. Currently, High Availability (HA) doesn't seem to recognize whether the VMs are online during failover, treating them as offline or unavailable."
"The tool could benefit from improved filter settings and dashboarding."
"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
"In vRealize login files, we have limitations regarding log partitions."
"Documentation is lacking, including some guide as to how to use the expressions. It is not clear how to look for a log, for example. Some examples in the documentation might be helpful. I think that VMware had good documentation, but it's no longer hosted. The documentation is not as easy to understand as it was before."
"From an improvement perspective, the tool needs to be made more user-friendly."
"If data migration occurs during a search, it alters performance, causing delays."
 

Pricing and Cost Advice

"Pricing is reasonable compared to similar tools on the market. They offer perpetual licenses."
"It's not cheap at all as it's a big product and has been in the market for quite some time now."
"ArcSight is an expensive solution."
"We have a lifetime license, so we don't pay a monthly fee."
"I rate the product’s pricing a seven out of ten, where one is inexpensive, and ten is expensive."
"The pricing is quite harsh."
"ArcSight Logger is very expensive compared to their competitors, but when we talk to the customer and explain what the features are and how we can scale, they understand. Still, ArcSight is more expensive than the competition."
"I would rate the product a seven out of ten since it's an enterprise product."
"Pricing is good because it is part of the suite package. It comes in a bundle for us."
"Pricing could always be lower. If it were free, I would be more satisfied."
"The licensing cost for vRealize Log Insight is a little higher, so in terms of cost, it all depends upon what kind of environment you have. If you have a complete virtualized environment, or at least you're using a ninety-five percent virtualized environment, then vRealize Log Insight will play a very good role because it is a VMware component, so it has very tight integration with other VMware components and systems. This means you don't have to procure any other monitoring and management tool, and you don't need a separate automation tool. vRealize Log Insight will have an upper hand if your environment is purely virtualized on VMware. If you're using a mix of physical and virtual components, for example, a 50:50 ratio, then you need to have a third-party component to manage overall monitoring."
"I am not sure what the exact cost is. However, I believe the vRealize suite costs $2,500.00 per year."
"The license cost for any other monitoring tool is too high compared to this product."
"The pricing has been updated recently."
"It is not cheap. But it is worth it."
"I rate the product's price a six on a scale of one to ten, where one is cheap, and ten is expensive."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
824,168 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Computer Software Company
15%
Government
10%
Manufacturing Company
6%
Computer Software Company
15%
Government
14%
Financial Services Firm
12%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ArcSight Logger?
We have a trigger. So, Logger automatically blocks these IP addresses. We could have Logger put them on a blacklist.
What is your experience regarding pricing and costs for ArcSight Logger?
The pricing isn't the problem. We have a lifetime license, so we don't pay a monthly fee.
What needs improvement with ArcSight Logger?
The solution has room for improvement. We're currently upgrading to the newer version, where they have something like Kafka, a hub for all solutions feeding information into Logger. However, I thin...
What do you like most about vRealize Log Insight?
The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting.
What is your experience regarding pricing and costs for vRealize Log Insight?
One major advantage of VMware compared to Splunk is pricing. VMware is licensed based on hardware rather than the amount of data, making it much cheaper. Splunk, often paid by the terabytes, become...
What needs improvement with vRealize Log Insight?
The tool could benefit from improved filter settings and dashboarding. While there are dashboards available, they are often created by community members and may not work after updates. It would be ...
 

Also Known As

Micro Focus Arcsight Logger, HPE Arcsight Logger
vRealize Log Insight
 

Learn More

Video not available
 

Overview

 

Sample Customers

China Merchants Bank, Bank AlJazira, Banca Intesa
Wildlands Adventure Zoo, Medic Mobile, IBM, Seventy Seven Energy, Baystate Health, Osis, Oxford University, Columbia University, Siemens, Cardinal Health, Ashdod Port, Vasakronan, Sydney Adventist Hospital, University of Derby
Find out what your peers are saying about ArcSight Logger vs. VMware Aria Operations for Logs and other solutions. Updated: December 2024.
824,168 professionals have used our research since 2012.