Log & Event Management. File Integrity Monitoring. Endpoint Monitoring & Control. One Integrated Solution
Document Downloads:
LogRhythm is an Enterprise-class application that seamlessly combines Log & Event Management, File Integrity Monitoring and Endpoint Monitoring & Control into a single integrated solution. It is highly reliable, cost effective and easily scalable across any size enterprise. With LogRhythm, you can invest in a single solution to address needs and challenges throughout the organisation, whether they are related to compliance, security or IT operations.
There is a wealth of information that can be derived from log data whether it originates in applications, databases, servers, network devices or endpoint systems. By automating the collection, organisation, analysis, archiving and reporting of all log data, LogRhythm enables organisations to easily meet specific requirements, whether driven by internal best practices or one of many compliance regulations. The solution delivers valuable, timely and actionable insights into security, availability, performance and audit-related issues in real time.
By fully integrating functionality traditionally associated with Security Information and Event Management (SIEM) with File Integrity Monitoring and Endpoint Monitoring & Control, the collective value of all functions grows substantially. For example, security personnel can be notified in near real-time when sensitive files are changed, deleted, etc., and the activity can be traced back to the individual user who performed them. These capabilities allow organisations to meet additional regulatory compliance requirements, such as Payment Card Industry Data Security Standard (PCI DSS) 11.5 and 12.9, without purchasing a separate product
Similarly, if an employee were attempting to move highly sensitive data from his/her laptop to a removable media device, LogRhythm would log the activity in near-real time, report it and if the event mapped to a predefined alarming rule, the system could automatically send an alert to specific staff responsible for addressing potential data leakage incidents. Some organisations may even choose to leverage LogRhythm's Endpoint Monitoring & Control to block movement of data to removable media altogether.
LogRhythm's comprehensive solution empowers customers to centralise, simplify and strengthen their compliance, security and IT operations posture.
LogRhythm offers a building block approach to deployment. Whether you are looking to comply with the mandates of a specific regulation or enterprise-wide requirements, your LogRhythm deployment can grow incrementally by simply adding turnkey LogRhythm appliances as your expansion needs evolve. LogRhythm is quick and easy to install and offers a rapid time-to-value, or Return on Investment (ROI).
Log & Event Management
Historically, log management and event management have been viewed by most as two distinct functions that operated independently and were usually purchased and managed separately. However, LogRhythm have always believed that for any organisation to fully tap the potential value and insight of log data, the two function must be delivered as one solution. As such, from version 1.0, developed over six years ago to the fifth generation product, the award-winning LogRhythm solution has provided log management, log analysis, event management and reporting in a single fully integrated system.
Log Management Highlights:
- Collect logs from all your log sources, whether Windows events, syslog, flat file, NetFlow, databases or applications
- Organize logs in a centralized, scalable & secure manner
- Enable fast, flexible search into all logs
- Automate log archiving and retrieval for long term retention
- Search and recover archived logs in seconds
Log Analysis Highlights:
- Automate log classification, normalization, aggregation & correlation
- Identify anomalies in applications, databases, systems and devices in real time
- Perform advanced filtered and forensic searches across all logs
- Perform trending analysis across millions of logs in a single view
- Apply advanced data mining techniques for investigations or root cause analysis
Event Management Highlights:
- Automate real-time monitoring and alerting
- Flexible role-based alerting
- Automatically prioritize alerts based upon asset value of impacted system or application
- Conduct easy forensic search & analysis
- Apply comprehensive incident management
- Provide real-time access to detailed event and log data for rapid response
Reporting Highlights:
- Packaged Compliance reports for SOX, PCI-DSS, FISMA, GLBA, HIPAA, etc.
- Schedule automated delivery of reports or report packages
- On the fly reports based on any search or investigation
- Easily tailor or customize reports based on your needs
- Virtually unlimited reporting capabilities
Intelligent IT Search:
- User and Host contextualization enables search based upon origin and/or impacted hosts/users
- Launch intelligent searches in real-time (i.e., as logs are being generated)
- Quick Search toolbar available from any user dashboard screen
- Perform one-click correlation from any search
- View millions of logs via 3-D visualization to discover anomalies and analyze trends rapidly
