LogRhythm: Analysis and Search of Log Files

December 17, 2008

A couple of years ago I visited a very big US government agency. I asked about log files. I learned that these were often deleted without review. The reason was, as I recall, that log files were too big. Okay, that told me quite a bit about the US government’s interest in log files. Had this big government agency had access to LogRhythm, maybe those log files would have been reviewed.

LogRhythm (a variant of logarithm, get it?) is a special-purpose content processing system with a search component. You can read the MarketWatch news item here. The company’s system can automate monitoring, analysis and alerting for internal or external threats. The company has added what it calls “intelligent IT search.” The software classifies content and adds metadata to log entries. One use of the system is to query logs for an audit event; that is, modifications to access authentication privileges linked to a user’s network login. I think this means that an organization fires a guy or gal. LogRhythm makes it easy to find out if said guy or gal has taken an action that the organization deems inappropriate.

The metadata generated from log files includes consistent date and time stamping, prioritization of events, and context tags that distinguish a harmless file transfer from one that goes to an external IP address from a secure source within the organization. If you are struggling with log file analysis, LogRhythm may be able to help. More information is available here.
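To make the three kinds of metadata concrete, here is an added sketch (not LogRhythm's code and not from the news item) that normalizes mixed timestamps to UTC, assigns a priority, and tags file transfers by destination. The log line layout, network ranges, tag names and priority levels are all assumptions made for the example.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed sample entries in three timestamp styles (not real logs).
SAMPLE = [
    "2008-12-17T09:15:02-07:00 ftpd transfer src=10.1.5.20 dst=10.1.9.4 bytes=2048",
    "17/Dec/2008:16:20:45 +0000 ftpd transfer src=10.1.5.20 dst=203.0.113.7 bytes=910233",
    "1229531000 ftpd transfer src=192.168.40.8 dst=198.51.100.9 bytes=512",
]

# Assumed network layout: one "secure source" segment inside the internal ranges.
SECURE_NETS = [ipaddress.ip_network("10.1.5.0/24")]
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
FORMATS = ("%Y-%m-%dT%H:%M:%S%z", "%d/%b/%Y:%H:%M:%S %z")

def to_utc(stamp):
    """Normalize ISO 8601, Apache-style or epoch-second stamps to one UTC form."""
    if stamp.isdigit():
        dt = datetime.fromtimestamp(int(stamp), tz=timezone.utc)
        return dt.strftime("%Y-%m-%dT%H:%M:%SZ")
    for fmt in FORMATS:
        try:
            dt = datetime.strptime(stamp, fmt)
        except ValueError:
            continue
        return dt.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    raise ValueError(f"unrecognized timestamp: {stamp!r}")

def in_any(ip, nets):
    return any(ip in net for net in nets)

def enrich(line):
    """Return the entry with a consistent timestamp, a context tag and a priority."""
    stamp, _, rest = line.partition(" ftpd ")
    match = re.search(r"src=(\S+) dst=(\S+)", rest)
    if not match:
        raise ValueError(f"not a transfer entry: {line!r}")
    src, dst = (ipaddress.ip_address(x) for x in match.groups())
    if in_any(dst, INTERNAL_NETS):
        tag, priority = "internal-transfer", "low"
    elif in_any(src, SECURE_NETS):
        tag, priority = "external-transfer-from-secure-source", "high"
    else:
        tag, priority = "external-transfer", "medium"
    return {"time_utc": to_utc(stamp), "src": str(src), "dst": str(dst),
            "tag": tag, "priority": priority}

if __name__ == "__main__":
    for entry in SAMPLE:
        print(enrich(entry))
```

Once every entry carries the same UTC timestamp and a tag, a search for high-priority events in a time window works across sources that originally logged in different formats.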

Comments

One Response to “LogRhythm: Analysis and Search of Log Files”

  1. Safeguard Against Random Password Hacks | Sekiur My Thoughts on February 5th, 2009 4:09 pm

    […] LogRhythm: Analysis and Search of Log Files (arnoldit.com) […]
