Your browser is not supported

For the best experience, use Google Chrome or Mozilla Firefox.


ArcSight Recon

Implement a log management and security analytics solution that eases compliance and accelerates forensic investigation. Hunt and defeat threats with big-data search, visualization, and reporting.

Collect, normalize, aggregate, and enrich data

Ingest terabytes of data from any source. You can simplify SIEM log management for all your data via SmartConnectors, which collect, normalize, aggregate, and enrich data from 480+ source types. Source types include syslog, clickstreams, stream network traffic, security devices, web servers, custom applications, social media, and cloud services.

bg bg

Quickly investigate millions of security events

ArcSight Recon’s columnar database responds to queries faster than traditional databases, enabling you to quickly and efficiently investigate within millions of events. It facilitates threat hunting in massive datasets, enabling security analytics at scale.

bg bg

Maintain compliance standard with pre-built content and reports

ArcSight Recon eases your compliance burden by offering content to facilitate regulatory requirements. Its built-in reports decrease the time required to document for compliance.

bg bg

Store data efficiently with aggregation and log compression

Cost-effectively store your security event log data with Recon’s impressive compression ratios. ArcSight SmartConnectors enable aggregation and filtering of events for additional log storage savings.

bg bg

Gain a complete view of security events

Navigate from ArcSight ESM to Recon with a simple click. Recon adds a valuable layer to ArcSight’s security analytics foundation and leverages the Security Open Data Platform (SODP) architecture. Recon also integrates with leading security tools to provide quick investigation, streamlined workflows, and fast response times.

bg bg

Empower your SOC with automated response

Recon customers can implement native Security Orchestration Automation and Response (SOAR) capabilities without additional cost. With tactical automation and orchestration through a single pane of glass, security teams can speed up their daily security operations and enhance operational efficiency.

dots dots
  • Store at scale and search fast

    ArcSight Recon enables you to store, search, monitor, and analyze data to gain centralized security intelligence from across your entire organization. For quick exploration of the data, Recon’s event detail panel allows investigation of individual and grouped events.

  • Ease the burden of compliance

    ArcSight Recon reduces the pain and complexity of reporting with simpler, automated, customizable reports and dashboards. Pre-built content for FIPS 140-2, GDPR, PCI and IT-GOV compliance packages are now available, and you can customize those reports according to your needs.

Related Resources

Related Products


ArcSight Enterprise Security Manager

A comprehensive threat detection, analysis, and compliance management SIEM solution.


ArcSight Intelligence

Behavioral analytics of security data to identify hidden threats and anomalous behavior.


ArcSight Marketplace

Download and deploy pre-packaged content to dramatically save time and effort.

Interested in Recon?

Contact us today to learn how your organization's log management will benefit from ArcSight Recon.

release-rel-2022-5-1-7444 | Wed May 11 20:40:59 PDT 2022
Wed May 11 20:40:59 PDT 2022