Businesses today have a compliance requirement to keep historic log data especially for auditing purposes. Collecting, maintaining and recovering historic log data can be expensive. Imagine trying to recover logs from a specific server two years in the past. Were the logs archived, if so, where have the logs been stored? What format are they in? Can the correct archived log files be identified among the tens of thousands (or millions) of other archive files?
LogCentral from Infrascape is a robust and scalable log intelligence solution directly targeted at meeting the compliance and risk mitigation requirements of the most demanding enterprises and service providers. With all log data available for queries and reports, users can pinpoint the locations of threats or other network problems, creating graphical or text-based reports for management, audits, network planning, and policy validation. LogCentral can store terabytes of log data to make a high-volume of logs instantly accessible to support decision-making and problem resolution.
LogCentral completely automates the process of archiving and restoring log data. Based on your policy, LogCentral automatically archives log data to archive files. Archive files are saved in a compressed format resulting in a 90% reduction in storage requirements and associated cost. Recovering historic logs is a simple process. The restoration process restores log data which can be analyzed using the LogCentral analysis tools.
LogCentral's distributed architecture has a centralized server acting as the UI and database server and a lot of small servers acting as collectors distributed all over the network collecting logs at various locations.
LogCentral collects logs from all windows based servers and applications that write their logs to the application event log or custom event log. It also collects logs from all the Unix servers and network devices that support SysLog. SysLog is a standard for transmitting log messages across the network. LogCentral includes an integrated SysLog server for receiving and processing these messages. Any log written to an ASCII based text file can also be collected by Log Central.
Alarms can be flagged and defined to be sent as Emails and SMS to specified users. Role based security gives the administrator more control over sending of alarms based on the users defined thereby reducing the number of false or unwanted alarms to users.
The users can sort and filter logs by running queries and using an advanced search option .The query based search option gives the user more insight into the logs and makes the retrieval process very easy.
Dozens of built-in reports including traffic reports using SysLog from routers and firewalls. Exportable to MS-Word, MS-Excel and PDF formats.