What is your primary use case for ArcSight Logger?

We don't have a lot of use cases. We supposed the MSSP provider would have a lot of use cases, and this intelligence would be used in the contract, but it wasn't the case. We do have some specific situations like alerts in case of changes to extremely powerful accounts, administrative groups, and things like that.

score 0 · Answer 2 · 2024-03-06T13:03:00Z

Ben Nnatuanya

Manager, Security Operations Centre at Phillips Consulting Limited

Real User

Top 5

Mar 6, 2024

We primarily use it in our site for compliance.

Subhadip Pakrashi CEO at Kapstone Technological Services LLP · Answer 3 · 2024-02-19T11:26:04Z

If deployed properly, the solution can collect logs well. The categories of logs are very high. It is very good. The solution is compatible with syslog servers. Our customers like the solution.

score 0 · Answer 4 · 2023-12-01T10:11:12Z

The product helps me see all the event logs in one place. When I look into the application, I can see different levels of alerts and make the required decision.

Rikin Rathod Senior Officer IT at Tech Data Limited · Answer 5 · 2023-10-24T12:12:06Z

Rikin Rathod

Senior Officer IT at Tech Data Limited

Real User

Top 10

Oct 24, 2023

We use the product for log management purposes at the moment.

Prischal Bahgoo General Manager at VIC IT · Answer 6 · 2023-05-24T15:29:00Z

Prischal Bahgoo

General Manager at VIC IT

Reseller

Top 10

May 24, 2023

The tool helps us to collect, correlate and publish logs on our site.

score 0 · Answer 7 · 2023-05-18T15:19:00Z

reviewer2183667

Senior ArcSight and IBM resileint (SOAR) administrator at a comms service provider with 1,001-5,000 employees

Real User

Top 5

May 18, 2023

The solution is used for searching and test reports.

Olajide Olusegun Network Team Lead at Atlas Security · Answer 8 · 2023-02-07T16:52:00Z

Most of our clients need security devices that can monitor events such as authentication failures, incorrect logins, link, module, device, and switch failures, security events and alarms, vulnerability events, and threat logs. We are currently using ArcSight Logger and many other Syslog devices to monitor these security events and logs.

Ademayokun Daini Cyber Security Engineer at MTN · Answer 9 · 2022-09-21T03:21:30Z

Our primary use case for this solution is incident response, investigations and log management. For example, risky network communications, communications with risky countries, and VPN connections from outside the country. We deploy the solution on-premises.

score 0 · Answer 10 · 2021-07-16T11:27:43Z

reviewer1625799

Security Professional at a tech services company with 501-1,000 employees

Real User

Jul 16, 2021

Our primary use case was to catch malicious activity happening inside our organization.

score 0 · Answer 11 · 2021-02-18T16:55:00Z

We have just upgraded to Splunk, so we're currently in the process of converting everything over from ArcSight to Splunk.

reviewer1290066 Founder & CEO at a security firm with 10,001+ employees · Answer 12 · 2020-02-17T07:42:26Z

ArcSight logger was used for storing your logs, long-term, in a structured way. You can search in it, you can structure your data in it, and you can generate simple reports.

it_user1141698 Team Lead at a tech services company with 51-200 employees · Answer 13 · 2020-02-16T08:27:00Z

We focus mainly on the enterprise market where the customers have the requirement for log management and compliance. And most of the time we propose ESM along with the logger for SIEM requirements. We have multiple Logger customers here in Sri Lanka where we've implemented and maintained solutions for them.

Msbh345 Senior Security Analyst at a government with 201-500 employees · Answer 14 · 2020-02-09T08:17:00Z

Msbh345

Senior Security Analyst at a government with 201-500 employees

Real User

Feb 9, 2020

We use this solution for archiving log feeds.

reviewer955071 Works at a government with 201-500 employees · Answer 15 · 2019-09-25T05:10:00Z

reviewer955071

Works at a government with 201-500 employees

Real User

Sep 25, 2019

We use the on-premise deployment model. Our primary use case is for monitoring.

CISO67 CISO at a financial services firm with 1,001-5,000 employees · Answer 16 · 2019-09-16T10:14:00Z

We primarily use the solution for monitoring all of our perimeter - from critical assets to less critical ones. It covers IT assets, networks, databases, servers, endpoints, etc.

it_user1052814 SOC Analyst at a tech services company with 11-50 employees · Answer 17 · 2019-08-18T07:52:00Z

We are a service provider and this solution is deployed on-premises for some of our customers. It is primarily used for firewall and Windows events.

score 0 · Answer 18 · 2019-08-11T06:27:00Z

AR

Techconslt67

Technical Consultant at a tech services company with 11-50 employees

Consultant

Aug 11, 2019

We use the on-premise version of ArcSight Logger.

it_user915744 Vulnerability Assessor at Telenor Common Operation · Answer 19 · 2019-02-20T11:20:00Z

We have several uses for this solution like retention storage. We use Logger for some queries since we are in Talco industries. We use it for IT, MSISDN, and mobile phone. For the SM we have communication for the infrastructures including security. Plus, we use ESM for prevention and for a couple of cases we use it for fraud prevention and some for the VIP members check.