Log Data Exporting with Assuria Log Manager
Most SIEM solutions rely on 3rd party log data collection and forwarding, or at best some form of crude syslog collection, because they’re designed almost exclusively for Log Data Analytics, not log management or log collection.
ALM, on the other hand, is almost unique in the SIEM market for having powerful forensic Log Management and Log Collection mechanisms built in as standard. Because ALM takes full control of the management and collection of log files (including log rotation, collection of essential metadata such as date/time stamps, Active Directory information etc.), the log data that the ALM analysis sub-system processes is trusted, complete, original and of evidential quality.
ALM customers know that the log data they’re working with is absolutely original, complete and unmodified, and that nothing has been added or deleted. ALM agents ensure that there is a ‘chain of custody’ to verify this.
ALM Log Data Exporter
These same forensic log management and collection features can now be exploited by organisations that have already invested in another SIEM or Analytics system that can’t provide this service, which, let’s face it, is most of them!
The ALM Log Data Exporter can be deployed to manage, collect, secure and normalise log data for use by almost any other system, whether 3rd party analytics engines (such as Detica NetReveal), protective monitoring systems, capacity planning tools, performance monitoring tools or enterprise GRC platforms.
ALM Log Data Exporter provides configurable data export facilities. Export methods include:-
• Raw log data
• JDBC / SQL
ALM Log Data Exporter can select log data for export using various criteria, including:-
• Original log file
• Selected events
• Aggregated and correlated events
ALM Log Data Exporter can export log data in various forms, including:-
• Raw log data
• Form normalised event data (i.e. different formats are removed but the content remains as originally written)
• Content normalised event data (i.e. content is normalised using the customisable Assuria Log Data Taxonomy)