syslog server – High performance service for collecting logs
- Use all the strengths of the syslog-ng Premium Edition
- Find logs, secure sensitive data with granular access policies and generate reports
- Forward logs to third-party tools
SYSLOG SERVER – CLOUD LOG MANAGEMENT SERVICE TO MANAGE YOUR LOGS
Log Management service allows you to keep logs (applications, system, audit logs, query databases, etc) in the Secure Online Desktop Cloud secure from any tampering with respect to data retention rules.
COLLECT AND INDEX LOG DATA IN CLOUD
Log Management service uses the syslog-ng Premium Edition as log collection agents which provide highly scalable and reliable log collection. Installers are available for 50+ platforms, including the most popular Linux distributions, commercial versions of UNIX and Windows.
The indexing engine is optimized for performance. Depending on its exact configuration, one syslog-ng Store Box can collect and index up to 100,000 messages per second for sustained periods. A single Log Management instance can collect log messages from more than 5,000 log sources. When deployed in a client-relay configuration, a single Log Collector can collect logs from tens of thousands of log sources
SEARCH, TROUBLESHOOT, AND REPORT
With full-text search, you can search through billions of logs in seconds via the intuitive web-based user interface. Wildcards and Boolean operators allow you to perform complex searches and drill down on the results. Users can gain a quick overview and pinpoint problems. Users can easily create customized reports from the charts and statistics they create on the search interface to demonstrate compliance with standards and regulations such as PCI-DSS, ISO 27001, SOX and HIPAA.
HIGHLY SCALABLE INDEXING ENGINE
The Log Management service is optimized for performance, and can handle enormous amounts of messages. Depending on its exact configuration, it can index over 100,000 messages per second for sustained periods and process over 70 GB of raw logs per hour.
syslog server – REAL-TIME LOG DATA TRANSFORMATION
Filter, Parse, Re-Write
The syslog-ng application can sort the incoming log messages based on their content and various parameters like the source host, application, and priority. Directories, files, and database tables can be created dynamically using macros. Complex filtering using regular expressions and boolean operators offers almost unlimited flexibility to forward only the important log messages to the selected destinations
Parse key-value pairs
Log Aggregator can separate a message consisting of whitespace or comma-separated key-value pairs (for example firewall logs) into name-value pairs.
Parse sudo log messages
Privileged user accounts represent the highest security risk, as they allow access to the most sensitive data and resources. The sudo parser enables you to enrich your log message data with details of privilege escalation events.
Normalize data with PatternDB
The syslog-ng application can compare the contents of the log messages to a database of predefined message patterns.
Real-time log message classification
By comparing log messages to known patterns, syslog-ng is able to identify the exact type of the messages, and sort them into message classes. The message classes can be used to classify the type of the event described in the log message. The message classes can be customized, and, for example, can label the messages as user login, application crash, file transfer, etc.
Extracting important information from messages
In addition to classifying messages, you can also add different tags which can be used later for filtering messages, for example, to collect messages tagged as user_login to a separate file or to perform conditional post processing on the tagged messages.
Real-time event correlation
Syslog-ng also makes real-time event correlation possible. This can be useful in many different situations. For example, important data for a single event is often scattered into multiple syslog messages. Also, login and logout events are often logged far away from each other, even in different log files, making log analysis difficult. Using correlation these can be collected into a single new message.
syslog server – AUTOMATED BACKUP OF STORED DATA
Stored log messages and the configuration of SSB can be periodically transferred to a remote server using the following protocols
– Network File System protocol (NFS);
– Rsync over SSH;
– Server Message Block protocol (SMB/CIFS).
PrivacyHub è un network di aziende costituito con l’intento comune di costituire un centro di competenza per rispondere in maniera professionale e mirata al nuovo regolamento Europeo e a tutti i temi legati alla protezione dei dati. https://www.secure-od.com/it/privacy/
I servizi di #VulnerabilityAssessment e #PenetrationTest consentono di verificare la robustezza della tua rete https://www.secure-od.com/portfolio-x/vulnerability-assessment-penetration-test/
The #Atlanta #ransomware attack shows why organization need new defenses against the modern threats to their data. @secureod can help. #ATL http://bit.ly/2pD4hNw https://www.secure-od.com/acronis-cloud-backup/
Our #WorldBackupDay Survey revealed that 1) fewer people are backing up and 2) more are losing data. What did they think was going to happen?! See the findings here: http://bit.ly/2IZtIRs #AcronisWBD https://www.secure-od.com/acronis-cloud-backup/
@privacy_hub è un network di aziende costituito con l’intento comune di costituire un centro di competenza per risp… https://t.co/la7uuNmzMe
I servizi di #VulnerabilityAssessment e #PenetrationTest consentono di verificare la robustezza della tua rete https://t.co/fkdUZIyu7r
The #Atlanta #ransomware attack shows why organization need new defenses against the modern threats to their data.… https://t.co/8XVITxco96
Adeguamento al nuovo regolamento privacy (UE) 2016/679 https://t.co/xydxcziz4a