ArcSight Logger and Wazuh are competing products in the security information and event management space. Wazuh holds an advantage due to its cost-effectiveness and comprehensive features, which many users find worth the investment despite its initial complexity.
Features: ArcSight Logger is well-regarded for its robust log management, high-capacity storage capabilities, and reliable integration with other products. Wazuh stands out with wide-ranging threat detection features, easy scalability, and open-source flexibility. Its comprehensive dashboards and ability to integrate a broad set of data sources make it valuable to users.
Room for Improvement: Users note that ArcSight Logger could benefit from a more intuitive management experience and reduced complexity in managing log data volume. Wazuh has room to enhance its initial setup process to be more straightforward and could improve its documentation for troubleshooting issues effectively.
Ease of Deployment and Customer Service: ArcSight Logger is noted for straightforward deployment processes, though large-scale setups can present challenges. It receives positive feedback for responsive customer service. In contrast, Wazuh’s deployment might be more complex, however, it provides excellent community support alongside official resources, assisting users in navigating initial challenges effectively.
Pricing and ROI: ArcSight Logger can incur significant setup costs, affecting its ROI perception among users, but its performance and support often justify these costs. Wazuh offers a lower initial investment owing to its open-source nature, resulting in a favorable ROI with acknowledged value over time.
We use the open-source version of Wazuh, which does not provide paid support.
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
Totaling around two lakh Indian rupees per month.
The stability of Wazuh is strong, with no issues stemming from the solution itself.
We found the MITRE framework mapping and the agent enrollment service to be the most valuable features of Wazuh.
Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.
Wazuh Capabilities
Some of Wazuh’s most notable capabilities include:
Wazuh Benefits
Some of the most valued benefits of Wazuh include:
Wazuh Offers
Reviews From Real Users
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited
“The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.