What is ArcSight Logger?
ArcSight Logger is the first Universal Log Management solution that unifies searching, reporting, alerting and analysis across any type of enterprise log data, making it unique in its ability to collect, analyze and store massive amounts of data generated by modern networks. It supports multiple deployment options and can be deployed as an appliance and as software.
Get Started in Minutes!
ArcSight Logger is available as free downloadable software that brings true enterprise-class log management functionality to everyone. Users can download, install and start getting instant value out of their logs within minutes. Using this version, you can collect up to 750 MB of log data per day and store up to 500 GB of uncompressed logs (assuming average compression 10:1). It also comes with 90 days of phone and email support followed by access to the ArcSight Logger user community. As shown below, the downloadable version of ArcSight Logger provides access to all enterprise features for a full 12 months. Anytime during that period, you can upgrade to an enterprise version.
|Functionality||ArcSight Logger (Downloadable Version – L750MB)|
|Daily Limit on Log Data||750MB||License dependent|
|Total Searchable Space (Compressed)||50GB||License dependent|
|Support for ArcSight SmartConnectors||Restricted set of ArcSight SmartConnectors supported||Full set of ArcSight SmartConnectors supported|
|Searching, Reporting and Real-time Alerting||Yes||Yes|
|Granular Role-Based Access||Yes||Yes|
|Authentication and Authorization||Yes||Yes|
|ArcSight Community Support||Yes||Yes|
At this time, ArcSight Logger - Downloadable version can only be downloaded from the following countries: Australia, Belgium, Canada, Denmark, Finland, France, Germany, Hong Kong, India, Israel, Italy, Kuwait, Malaysia, Netherlands, Norway, Poland, Russia, Saudi Arabia, Singapore, South Africa, Spain, Sweden, Taiwan, Thailand, Turkey, United Arab Emirates, United Kingdom and United States.
Supported Operating Systems
- Red Hat Enterprise Linux, version 5.4, 64-bit
- Oracle Enterprise Linux, version 5.4, 64-bit
- CentOS, version 5.4, 64-bit
CPU, Memory, Disk Space
- CPU: 1 or 2 x Intel Xeon Quad Core or equivalent
- Memory: 4 - 12 GB
- Disk Space: 100 - 120 GB
- Average compression of 10:1 (dependent on data type and data source)
- IE 7 and IE 8
- Firefox 3.0 and 3.5
What It Does
ArcSight Logger collects information from any system that generates log data. It can process that information as much or as little as desired, and can produce ultra-fast searching across the data. As a result, organizations of any size can use this high-performance log data repository to aid in faster forensic analysis of IT operations, application development, and cybersecurity issues, and to simultaneously address multiple regulations.
How It's Different
Until now, log analysis was asset-centric, and organizations purchased one product for security and compliance reporting, a different product for IT operations search and yet another one for application development. Today, the questions that need to be answered through log analysis are increasingly user-centric and can span any and all infrastructure. Traditional log management tools cannot be expanded to analyze logs across the enterprise because they are limited by the type of sources, have restricted search/reporting capabilities and are not scalable. ArcSight Logger is a universal log management solution that can capture and analyze ALL enterprise log data to answer questions of individual teams and can easily be expanded into an enterprise-wide log management solution when needed.
ArcSight Logger Specifications
|Model||L750MB||L5GB||L3400 & L3400-PCI||L7400-SAN||L7400s||L7400x|
|Software Availability||Available as software ONLY||Available as software ONLY||Also available as software (L30GB)||Available as HW only||Also available as software (L80GB)||Also available as software (L160GB)|
|Management||Web browser, CLI, Web Services API|
|Supported Sources||Raw Syslog (TCP/UDP), Raw File based logs (FTP, SCP, SFTP); Analysis optimized collection using ArcSight SmartConnectors; FlexConnector framework for legacy event sources; ArcSight CEF (Common Event Format), ArcSight ESM|
|OS||Supported OS (software model): Red Hat Enterprise Linux, CentOS and Oracle Enterprise Linux||Red Hat Enterprise Linux v5.5, 64-bit|
|Compression||Up to 10:1|
|Max EPS||750 MB of logs/day||5 GB/day||2,000||75,000||5,000||100,000|
|CPU||N/A||N/A||1 x Intel E5620, quad core, 2.4 GHz||2 x Intel Xeon E5504, quad core 2.0 GHz||2 x Intel E5620, quad core, 2.4 GHz|
|Storage||N/A||N/A||3 x .5TB -||External – SAN||6 x 1TB - RAID 5|
|Power||N/A||N/A||1 x 460W CS Platinum Power Supply||2 x 460W CS Platinum Power Supply||2 x 750W CS Platinum Power Supply|
||N/A||N/A||4 x 10/100/1000||4 x 10/100/1000||4 x 10/100/1000|
|Host Bus Adapter||N/A||N/A||N/A||Emulex LPe12002||N/A|
|Dimensions (DxWxH)||N/A||N/A||1.70 x 16.78 x 27.25"||1.70 x 16.78 x 27.25"||3.38 x 17.54 x 29.25"|
Actual performance will depend on factors specific to a user’s environment.
CTO Overview: ArcSight Logger
Hugh Njemanze, ArcSight Chief Technology Officer and Executive Vice President of Research and Development, discusses why ArcSight Logger is a revolution in the log management space that unifies searching, reporting, alerting and analysis across any type of enterprise log data, making it unique in its ability to collect, analyze and store massive amounts of data generated by modern networks.
ArcSight Case Study: Priority Health on ArcSight Logger
ArcSight Logger helps Priority Health streamline IT operations, enable long-term security investigation and perform "unbelievably fast" searches against structured and unstructured log data.
ArcSight Case Study: EFG Bank on ArcSight Logger
ArcSight Logger provides EFG Bank a platform that allows their auditors to easily search and review logs to prove adherence to strict compliance and regulation laws.