

Assuria Log Manager - Key Features
Enterprise Wide Log Collection. Secure and forensically sound collection of logs from almost any source into a central store.
Log Management. Enterprise wide automated management of logs, including log rotation.
Forensic Readiness. Logs are collected in a secure and forensically sound manner, retaining their original form and complete with relevant metadata, thus allowing repeated examination with new analysis rules and use of the logs by other applications and processes.
Real-time Event Alerting. Configurable to specific log events, sent via Email and/or SNMP traps.
Agent Based Collection. Ensures the security, continuity and integrity of all collected logs.
Agent Based Log Management. Ensures the security, continuity and integrity of all collected logs and allows alerting at the log source.
Digitally Signed. An RSA/SHA256 digital signature is calculated and the log digitally signed before transfer. Transfer is authenticated and encrypted using TLS.
Secure Storage. Log cataloguing, chain of custody records, archive creation and management. Archive to secure long term storage, complete with a digitally-signed manifest.
Scalable and Modular Architecture. Designed to support almost any sized IT environment up to thousands of log sources. Supports multiple collection points, with load balancing and resilience built-in.
Analysis. Collected logs are processed by a rules-driven analysis and anomaly detection engine. Flexible and extensible analysis rules allow ‘interesting’ events to be tagged and written to a database for further analysis and reporting.
Unstructured Querying. ALM provides facilities to analyse and report on stored original log data, allowing unstructured ‘Google’ type searches on any item, providing effective interactive analysis and learning features. This often leads to new automated analysis rules and reporting.
Reporting. Flexible analysis, correlation, aggregation and reporting in HTML, PDF, XLS, XML and CSV.
Data Export. Export of collected log data to external systems in various forms - raw logs, form normalised or content normalised.


