Most SIEM solutions rely on 3rd party log data collection and forwarding, or at best some form of crude syslog collection, because they’re designed almost exclusively for Log Data Analytics, not log management or log collection.
ALM, on the other hand, is almost unique in the SIEM market for having powerful forensic Log Management and Log Collection mechanisms built in as standard. Because ALM takes full control of the management and collection of log files (including log rotation, collection of essential metadata such as date/time stamps, Active Directory information etc.), the log data that the ALM analysis sub-system processes is trusted, complete, original and of evidential quality.
ALM customers know that the log data they’re working with is absolutely original, complete and unmodified, and that nothing has been added or deleted. ALM agents ensure that there is a ‘chain of custody’ to verify this.
These same forensic log management and collection features can now be exploited by organisations that have already invested in another SIEM or Analytics system that can’t provide this service, which, let’s face it, is most of them!
The ALM Log Data Exporter can be deployed to manage, collect, secure and normalise log data for use by almost any other system, whether 3rd party analytics engines (such as Detica NetReveal), protective monitoring systems, capacity planning tools, performance monitoring tools or enterprise GRC platforms.
ALM Log Data Exporter provides configurable data export facilities. Export methods include:-