Tapping Log Data
Log management converges with security event information management
February 16, 2009
That great untapped reserve of data you’re sitting on could be put to use—if you had the time to sift through all your log files. But you can’t seem to convey to management how much IT people hate going through log files, and anyway, you don’t have the time to explain or to sift. Then, one day, management up and decides to get a log management solution. For compliance requirements. Who would have thought that compliance could be your new best friend? “Although people get log management products for compliance, a lot of use cases are for SLA [service level agreement] management and troubleshooting,” says Jian Zhen, VP of emerging technologies at LogLogic. “Logs are the fingerprints of what’s happening in the IT space.”
To analyze those fingerprints, LogLogic announced today LogLogic Security Event Manager, which combines LogLogic’s open log-management platform for collecting and archiving log data with Exaprotect EventManager to correlate, alert, and manage security incidents detected in the log data. Exaprotect is a European security information and event management (SIEM) solution provider. The partnership between the two companies is proof of an industry trend that could result in the log management market ultimately subsuming the SIEM market.
Security Event Manager is ready out of the box to work with LogLogic’s Linux-based log-management appliance. With its ability to be deployed quickly for advanced event correlation and analysis, incident workflow, and SLA management, the appliance competes with solutions from SIEM vendors by offering what the partners say is a more comprehensive picture of incoming threats as well as a way to streamline processes and operations. The appliance starts at $25,500.
LogLogic also announced its new suite of log-management products. Security Event Manager, part of the trio of solutions, is available now, and the other two, LogLogic Compliance Manager and LogLogic Database Security Manager, will be available later this year. Compliance Manager automates compliance workflow and maps compliance reports to specific objectives, helping CIOs see what their compliance posture is. Database Security Manager is a monitoring app for SQL Server, Sybase, or Oracle databases to alert and report on privileged user activities and to patch vulnerabilities.