LogLogic LX2010 4.0

The Upshot

Aggregating and storing log data is no longer sufficient. Auditing requirements are driving the need for new capabilities, like LogLogic's Open Log Services Web services API, to provide event index searching and reporting. Also crucial today are prebuilt report packages to give visibility into stored data.
LogLogic competes against other log analyzers such as Splunk. In addition, Security Event/Information Managers (SEM/SEIMs) from companies such as ArcSight and netForensics store logs and provide log analysis, but they can also be more expensive.
LogLogic 4.0 offers searching and reporting capabilities on stored data. Provided you know what you're looking for, its index searching and reporting are fairly robust, and its Web services API makes integration a snap.

A variety of regulations require companies to squirrel away computer event logs, just in case. But once you overcome the challenges inherent in storing and managing all that log data (perhaps by using log aggregation and storage products from companies like ArcSight, LogLogic, and netForensics), what then? We say, if you're going to collect and store all that data, you might as well put it to good use -- any cache as massive as a central log collection cries out for data mining and reporting. Who knows what tasty network operations or security event management tidbits you could recover?

To that end, many log management vendors are building simple search and reporting tools into their products, allowing IT to search events without having to deploy a full-blown SIM (security information management) suite. In version 4.0 of its eponymous product, LogLogic adds event index searching and reporting, a Web services API for integration with external applications, and predefined report templates aimed at reporting requirements for PCI and COBIT.

We installed the LogLogic 2010 appliance in our Syracuse University Real-World Labs and pointed our internal servers and infrastructure logs at it. We collected upwards of 60 million log entries, most of them raw syslog events, and proceeded to check out the new features.