LOGalyze

The LOGalyze log collection and analysis system is a Hungarian product. It is an easy-to-use, general-purpose central system log management tool with low operating cost and high fault tolerance. It gathers logs at a central point from any operating system, active network device or special application, then recognises, breaks down, indexes and compresses them. LOGalyze:

  • Assures high-speed log processing
  • Recognises, breaks down, indexes and stores log lines using built-in or freely definable log definitions
  • Assures the processing of the logs of special applications
  • Provides a web-based front-end for efficient access to the data
  • Gathers multi-dimensional statistical data in real time, by using any field of any log-line
  • Forwards the logs to other tools through a secure channel
  • Produces exportable reports, automatically in PDF format
  • Sends alarms for logs that match specially defined conditions
  • Finds connections between the independent log-lines, performs correlation analysis in real time
  • Syslog, rsyslog, syslog-ng, Lasso, Snare compatible
  • Provides a SOAP API interface for external software

Compliance reports

LOGalyze helps in complying with various requirements:
  • HIPAA – Health Insurance Portability And Accountability Act
  • PCI DSS – Payment Card Industry Data Security Standard
  • Sarbanes-Oxley Act
  • PSZÁF – HPT

Log analysis engine

  • Collectors
    • Syslog UDP/TCP (Syslog, rsyslog, syslog-ng, Lasso, Snare compatible)
    • Text file collector (with a separator character or with fixed field width), also over HTTP(S), FTP and SFTP channels
    • Multi-line log-file collector
    • Native Solaris binary audit log collector
  • Processing and analysis model
    • Breaks down the incoming log into fields and names them
    • Normalisation
    • Produces quickly retrievable indices
  • Statistics
    • Generates multidimensional statistical data in real time by using any field
  • Event handling and alarms
    • Generation of simple events
    • Recognising the connections between log-lines (correlation log analysis)
    • Managing the baseline events (anomaly recognition)
    • Status storage and generation of status-dependent events
    • Alarms on various channels
  • LOGalyze SOAP API
    • SOAP API web-service
    • With a SOAP toolkit (available on Perl or .NET systems), a client can be attached to LOGalyze

Web-based front-end

  • General characteristics
    • Web platform, customisable, runs in a browser
    • No installation needed on the client side, easy maintenance
    • Multilingual user interface
  • Searching, browsing
    • Customised views
    • Column-based structure
    • Special filtering options
    • Google-like search
  • Displaying the statistics
    • Displaying the multidimensional statistical data
    • Various graph types: line, column, bar-chart, pie-chart
    • Data table view
  • Report generator
    • Reports that can be generated automatically and scheduled
    • Pre-installed compliance reports
    • Various output formats: email, HTML online, PDF, CSV, XLS
  • Administrative functions
    • User and authorisation management
    • Managing the log sources
    • Customisable user interface
    • Internal audit log, internal events

Log definitions

  • Windows 2003 System, Security, Application event logs
  • Windows 2008 event logs
  • Linux standard events
  • OS Audit Subsystem logs (AIX audit log, Solaris audit log)
  • Network devices (Cisco, Juniper, etc.)
  • Oracle audit trail
  • System software logs (Apache, Postfix, Sendmail, Squid, etc.)
  • Possibility of processing the logs of special applications