Log Processing and storage with ALM
Assuria Log Manager (ALM) processing components, starting with the Store as populated by the Collector[s] with received log data. Processing falls into three categories:
Subscribers process new data as they arrive:
- The Analyser normalises and filters events, generating alerts and putting interesting events into the ALM database.
- The Exporter exports data in a variety of formats to external systems (e.g. another ALM system or a third-party system).
- The Correlator links related events together. It uses the Analyser’s normalisation framework.
On-demand access to data:
The Searcher provides on-demand web search engine style querying of the collected logs.
The Archiver manages the transfer of logs onto secondary storage (and back again) depending on the customer’s data retention requirements.