
Assuria Log Manager
Assuria Log Manager (ALM) provides enterprise-wide management, collection, secure storage, analysis and reporting of audit logs generated by systems, devices and applications. ALM is scalable, equally applicable to installations with ten systems or tens of thousands of systems. ALM is fully supported running in real or virtualised environments. All collected logs are retained in their original format and are available for full forensic analysis.
Assuria Log Manager is a fully scalable solution that manages large communities of logs from servers and workstations running Windows, Linux and UNIX, as well as databases, applications and network devices such as firewalls and routers. Assuria Log Manager also supports the collection of logs from other devices such as building access control systems.
Features
- Enterprise-wide log collection. Secure and forensically sound collection of logs into a central store.
- Real-time alerts. Configurable for specific log events and sent via SNMP or to other tools.
- Agent-based collection ensures the security, continuity and integrity of all collected logs.
- Digitally signed. A SHA-256 checksum is calculated and the log is digitally signed before transfer. The transfer of logs over the network is encrypted using TLS.
- Secure storage. Log cataloguing, chain of custody records, archive creation and management.
- Archive to secure long-term storage, complete with a digitally signed manifest.
- Forensic readiness. Logs are stored centrally, and all handling of the logs preserves the original format so that forensically sound data is available for investigation when required.
- Scalable and modular architecture. Designed to support from one to thousands of log sources.
- Content packs provided by Assuria are flexible and extensible. They are used to describe each log, allowing 'interesting events' in the collected logs to be tagged and indexed within the ALM database.
- Analysis. Collected logs can be processed by a rules-based analysis engine, allowing 'interesting' events to be tagged and written to a database for further structured analysis and reporting.
- Inspection. Collected logs can be indexed, allowing very fast unstructured querying of log data.
- Console. The Assuria Log Manager Console provides all agent control and the management of collected logs, along with facilities to run queries and to generate and print reports.
- Virtual operation. Operates and is fully supported in a virtualised environment.
- Reporting. Flexible analysis, correlation, aggregation and reporting in HTML or PDF. Standard reports are provided, plus an easy-to-use custom report generator.