Log, Events & Security Analytics

Provides visualization, advanced analytics, indexing, and archival of IT Logs, Application logs and Events

Problem

The huge volume, variety and velocity of logs from different IT systems (servers, firewalls, routers and other network devices spread across multiple sites) results in a data explosion. IT teams therefore have a difficult time effectively capturing this wealth of data, analyzing it for insights and archiving it. The challenges include:

  • Volume, variety and velocity of log data
  • Disparate data sources and no centralized logging
  • Stringent short-term and long-term log archival requirements
  • Security risks, multi-tenancy and role based access support

Solution & Key Benefits

Provides a highly scalable and secure multi-tenant solution to collect, analyze and archive a wide variety of logs and events.

  • Centralized logging, indexing and analytics
  • Advanced search, visualization and dashboards
  • Intrusion detection and analysis from IDP/IDS logs
  • Untampered, unaltered logs for regulatory compliance
  • Periodic and On-demand reports/archive file generation

Key IT Operational Insights from Logs

Early detection of performance and security issues

Access to historical logs for forensic analysis

Untampered logs for highly-regulated environments

Enables Audit Compliance with Anytime Log Access

AI Powered Event Pattern Recognition & Processing

How it Works

Data Sources

Access/Protocols

  • TCP/IP
  • Packet capture
  • SNMP Traps
  • HTTP/S
  • SSH
  • WinRM
  • WMI
  • Log Shippers
  • File/Metric Shippers
  • User Actions/Audit
  • 3rd Party Tools/APIs
  • More...

Metrics / Insights

  • Journal Entries of IT Systems
  • Security/Threat Events
  • Operational/Performance Metrics
  • User/Entity Interactions
  • Network Entities
  • Web/App server interactions
  • More...



Top Talkers, Top Apps, Netflow Chord Diagram, Interface Utilization, Flow records ...

Geo view of threat origins, Drill down Analytics, Views by log sources ...

Performance Metric & More...


Actionable Insights

  • Identification of chatty applications/devices
  • Compromised user accounts/entities
  • Identification of non-compliant devices/entities
  • Threat origins identification
  • Identification of performance bottlenecks
  • More...

Automated Actions

  • Firewall/ACL rules creation
  • Automated log processing & archival
  • Automated Incident/Notifications
  • Automated Performance Diagnostics
  • Scheduled Reports
  • More...
 
Supported Use Cases

  • NetFlow Collection & Monitoring
  • Security/IPS/IDS Log Collection, Archival & Monitoring
  • Syslog Collection, Archival and Monitoring
  • Application log Monitoring
  • More

 
Pricing