Log and Security Management Software


HP ArcSight ESM provides enterprise security management software that combines event correlation and security analytics to identify and prioritize threats in real time and remediate incidents early. Reports, charts and dashboards can be configured to individual needs.

HexisCyber provides two main products. HawkEye is a family of integrated products and services addressing security, compliance, data retention and other related applications. Built on a scalable big data platform, it supports sophisticated analytics, deep forensic scanning, and a continuously updated library of threats and countermeasures. NetBeat provides organizations with simplified network monitoring, analysis and control.

Loggly is known as an enterprise-class log management solution provisioned as a cloud service. The Loggly Dynamic Field Explorer organises logs by their inherent structure, and continuously refreshes a catalog of fields with various calculated metrics. Dashboards can be constructed to show relevant data, and alerts are generated when pre-set conditions are met. Various packages are provided, starting at US$49 per month and rising to bespoke packages for large enterprises.

LogLogic from TIBCO can process very high volumes of data from thousands of devices. The Visual Analytics component (which includes map charts, tree maps, heat maps and box plots, as well as the usual line, bar and pie charts) is particularly powerful, and the in-memory data engine and Data on Demand capability enable users to dynamically filter and drill down to micro-level details.

LogRhythm majors on security intelligence with unified SIEM, log management, network and endpoint forensics. It also provides innovative compliance automation and assurance, and enhanced IT intelligence.

Logscape supports interactive log file analysis without the need to set up a schema, and provides analytics to slice, dice and execute precisely defined searches. Both structured and unstructured data are supported, with charts and dashboards for specific roles.

McAfee Enterprise Log Manager collects, compresses, signs, and stores all original events with a clear audit trail of activity that can’t be repudiated. Security events are collected and linked directly to the original record stored on it, enabling one-click access for event management, forensic investigations, and compliance monitoring. It accommodates different log management needs via flexible storage pools spanning local or remote storage devices and configurable retention periods.

RSA Security Analytics is software that gives security operations teams complete visibility to detect, investigate, and take targeted action against even the most advanced of attacks before they can impact the business.

Sawmill allows organisations to analyze, monitor and alert on a wide range of systems, with extensive log processing and reporting features. It comes in Lite, Professional and Enterprise editions.

SolarWinds facilitates monitoring of network performance, applications and systems optimisation, database performance tuning and monitoring of security and compliance. A variety of charts and reports can be created, and dashboards can be configured for individual needs.

Splunk enables the collection, indexing and analysis (particularly visualisation) of machine data, and is ideal for IT ops, security monitoring and other applications where streaming machine data is available. Splunk can be implemented on-premises or as a SaaS solution. Various editions are available to suit the size of the user base.

Sumo Logic is a SaaS offering providing support for DevOps, IT infrastructure and operations, and compliance and security. The highly resilient multi-tenant architecture can scale to any data volume and query performance, and the patent-pending LogReduce™ technology reduces hundreds of thousands of log events into groups of patterns. The Anomaly Detection technology, powered by machine-learning algorithms, detects deviations to uncover the unknowns in your data. Outlier Detection, also powered by a unique algorithm, analyzes thousands of data streams with a single query, determines baselines and identifies outliers in real time. Purpose-built visualization highlights abnormal behaviors, giving Operations and Security teams visibility into critical KPIs (Key Performance Indicators) for troubleshooting and remediation. A free starter subscription is available for modest needs.

Symantec Log Management simplifies queries and reporting of log data, monitors logs to detect malicious or unauthorized activity, manages log data to meet IT risk and compliance requirements related to log retention, and proactively consolidates log data to create alerts and troubleshoot vulnerabilities with industry-leading global intelligence.

vRealize Log Insight from VMware provides real-time log management for VMware environments, with machine learning-based Intelligent Grouping, high performance search and better troubleshooting across physical, virtual, and cloud environments. The flat pricing model includes unlimited amounts of data.

XpoLog supports DevOps, IT Ops, application management and system administration through its ability to collect data from diverse devices and its search and analytics capability. The search engine is Google-like in nature, and data visualisations include statistics, charts, dashboards and geomaps, with the ability to easily distribute them to interested parties.