« LogLogic LX/ST Score High Points with InfoWorld | Main | Reviewing System Logs - Do You Have To? »
What LogLogic Really Does
Redmonk's post last week on the Log Management & Intelligence (LMI) market has been drawing quite a bit of attention. Some of it on the mark, some of it not.
SecurityIncite is the latest to weigh in, agreeing that this in a seperate market. Where this post misses the mark is understanding what LogLogic does. We do collect Log data. More logs, from more sources, at faster rates than anyone in the industry. We don't stop there.
Using machine learning and behavioral anomly detection we then provide real-time alerting and reporting. This moves LMI from reactive to proactive mode. By detecting subtle shifts in IT behavior and trends we enable customers to prevent harmful activity and mitigate risk before it becomes business impacting. So, we are analyzing it in real-time.
We also provide correlation. This is often a misunderstood offering from LMI vendors. LogLogic provides root-cause correlation of log data from any device type and vendor by IP address, user name, system name, geography, time and such. Correlation is available for alerts, search, ad-hoc and scheduled reports.
Unlike with most other solutions, correlation for alerts and search can be achieved for pre-defined strings and for any keyword, Boolean combination of keywords or complex regular expressions.
- An example of a correlated alert: “if x regular expression occurs more than three times per minute across the IT infrastructure including servers, routers and applications, then trigger an alert via e-mail or SNMP”.
- An example of a correlated search: “look for y regular expression or z user name across the IT infrastructure including servers, network devices and applications from time period a to b in the past”.
LogLogic is unique in then providing a platform for unchanged and tamper-proof storage of log data. Up to 24 terabytes on a single appliance. We also provide the engine that determines who gets access to what.
Then, through easy-to-use templates, you can assemble more than 13,000 different reports - have them generated and distributed automatically - or, make use of our Complaince Suite that provides more than 175 reports and alerts on COBIT 4.0 processes.
Not all vendors go beyond providing a "rear view mirror" into LMI. LogLogic does - and provides much more.
Posted March 27, 2006 in LogMatters | Permalink
TrackBack
TrackBack URL for this entry:
http://www.loglogic.com/mt/mt-tb.cgi/42
June 2008
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 |
Categories
Archives
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005