System for storing system and security logs and SIEM

LOGmanager is a system for centralised log management of events and logs from all active network elements, security devices, operating systems and application software. It is built on a new type of scalable database and a high-performance engine for searching and presenting search results. It collects all relevant events and logs in an organisation and stores them in a secured, centralised repository with a pre-defined retention period, allowing searches over extremely large volumes of data in real time. Search results are presented in text and graphical form with extensive interactive features for further processing.
The system also supports long-term storage of data, ensuring its integrity and compliance with regulatory, forensic-analysis and security-audit requirements.
The system also benefits operations teams: a simple query of the event database lets them identify the causes of system failures, spot possible faults and quickly find the events that describe the cause of a specific problem, loss of data or loss of communication.

Source interface

Windows Event Sender

One system component is the Windows Event Sender, a client for servers and workstations. The client is centrally managed and collects logs from Windows operating systems. The collected logs can be filtered, and encoded information in the logs (numeric codes, identifiers) is translated into an easily intelligible form.
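To show what "filtering" and "translating encoded information" mean in practice for a Windows collector, here is an added example (not LOGmanager's own code; the product's internal format and filter policy are not described on this page). It takes raw Windows Security events in the EVTX XML schema (the form returned by Get-WinEvent's ToXml() or wevtutil), applies a hypothetical agent policy that keeps only logon events and drops machine-account logons, and decodes event IDs, logon types, NTSTATUS failure codes and well-known SIDs using the documented Windows code tables. The sample events are constructed, not a real capture.

```python
"""Normalise raw Windows Security events (EVTX XML) into filtered, readable JSON records."""
import json
import xml.etree.ElementTree as ET

EVT_NS = "http://schemas.microsoft.com/win/2004/08/events/event"
NS = {"e": EVT_NS}

# Documented Windows code tables used to translate numeric fields into text.
EVENT_NAMES = {"4624": "Logon succeeded", "4625": "Logon failed",
               "4672": "Special privileges assigned to new logon"}
LOGON_TYPES = {"2": "Interactive", "3": "Network", "4": "Batch", "5": "Service",
               "7": "Unlock", "8": "NetworkCleartext", "9": "NewCredentials",
               "10": "RemoteInteractive", "11": "CachedInteractive"}
FAILURE_STATUS = {"0xc000006a": "wrong password", "0xc0000064": "user name does not exist",
                  "0xc0000234": "account locked out", "0xc0000072": "account disabled"}
WELL_KNOWN_SIDS = {"S-1-5-18": "NT AUTHORITY\\SYSTEM", "S-1-5-7": "NT AUTHORITY\\ANONYMOUS LOGON",
                   "S-1-0-0": "NULL SID"}

# Hypothetical collection filter: keep only logon events and drop machine-account
# logons (names ending in '$'), which dominate the Security log on domain members.
KEEP_EVENT_IDS = {"4624", "4625"}
DROP_MACHINE_ACCOUNTS = True


def parse_event(xml_text):
    """Split one <Event> into its System header and a Name -> value map of EventData."""
    root = ET.fromstring(xml_text)
    system = root.find("e:System", NS)
    header = {
        "event_id": system.findtext("e:EventID", namespaces=NS),
        "time": system.find("e:TimeCreated", NS).get("SystemTime"),
        "computer": system.findtext("e:Computer", namespaces=NS),
        "record_id": int(system.findtext("e:EventRecordID", namespaces=NS)),
    }
    data = {d.get("Name"): (d.text or "") for d in root.findall("e:EventData/e:Data", NS)}
    return header, data


def normalize(xml_text):
    """Return a readable record, or None if the collection filter drops the event."""
    header, data = parse_event(xml_text)
    if header["event_id"] not in KEEP_EVENT_IDS:
        return None
    user = data.get("TargetUserName", "")
    if DROP_MACHINE_ACCOUNTS and user.endswith("$"):
        return None
    sid = data.get("TargetUserSid", "")
    logon_type = data.get("LogonType", "")
    rec = {
        "time": header["time"],
        "host": header["computer"],
        "record_id": header["record_id"],
        "event_id": header["event_id"],
        "event": EVENT_NAMES.get(header["event_id"], "unknown"),
        "user": data.get("TargetDomainName", "") + "\\" + user,
        "sid": WELL_KNOWN_SIDS.get(sid, sid),  # translate well-known SIDs, keep others verbatim
        "logon_type": LOGON_TYPES.get(logon_type, "unknown (" + logon_type + ")"),
        "source_ip": data.get("IpAddress", "-"),
    }
    if header["event_id"] == "4625":
        code = data.get("SubStatus", "").lower()
        rec["failure_reason"] = FAILURE_STATUS.get(code, "unmapped status " + code)
    return rec


def process(events):
    """Run the filter and translation over a batch of raw events."""
    return [r for r in (normalize(e) for e in events) if r is not None]


def _event(event_id, record_id, time, computer, **data):
    """Build a constructed Security-channel event in the EVTX XML schema (sample data only)."""
    fields = "".join('<Data Name="%s">%s</Data>' % (k, v) for k, v in data.items())
    return ('<Event xmlns="%s"><System><Provider Name="Microsoft-Windows-Security-Auditing"/>'
            '<EventID>%s</EventID><TimeCreated SystemTime="%s"/><EventRecordID>%s</EventRecordID>'
            '<Channel>Security</Channel><Computer>%s</Computer></System>'
            '<EventData>%s</EventData></Event>' % (EVT_NS, event_id, time, record_id, computer, fields))


# Constructed sample batch: an RDP logon, a machine-account logon, a privilege
# assignment and a failed network logon with a bad password.
SAMPLE_EVENTS = [
    _event(4624, 100231, "2024-01-15T08:12:43Z", "WS01.corp.example",
           TargetUserSid="S-1-5-21-3623811015-3361044348-30300820-1104", TargetUserName="alice",
           TargetDomainName="CORP", LogonType=10, IpAddress="10.0.0.5"),
    _event(4624, 100232, "2024-01-15T08:12:44Z", "WS01.corp.example",
           TargetUserSid="S-1-5-21-3623811015-3361044348-30300820-1210", TargetUserName="WS01$",
           TargetDomainName="CORP", LogonType=3, IpAddress="-"),
    _event(4672, 100233, "2024-01-15T08:12:44Z", "WS01.corp.example",
           SubjectUserSid="S-1-5-18", SubjectUserName="SYSTEM"),
    _event(4625, 100234, "2024-01-15T08:13:02Z", "WS01.corp.example",
           TargetUserSid="S-1-0-0", TargetUserName="bob", TargetDomainName="CORP",
           LogonType=3, SubStatus="0xC000006A", IpAddress="203.0.113.9"),
]

if __name__ == "__main__":
    for rec in process(SAMPLE_EVENTS):
        print(json.dumps(rec))
```

Of the four sample events only two survive the filter, and those come out with the domain-qualified user, the logon type and the failure reason spelled out in words, which is the form an analyst or an operations team wants to search on. Reading EventData by the Name attribute rather than by positional index is deliberate: the field order of 4624/4625 has changed between Windows versions, while the names have not.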

Key specifications

  • Centralised log repository for your organisation.
  • Centralised graphical dashboards.
  • Log management tool.
  • Intuitive and fast search features.
  • Event correlation.
  • Consolidation of log formats.
  • Long-term storage.
  • Complies with the requirements of the Czech Act on Cyber Security and with the ČSN ISO/IEC 27001 standard.
  • Storing of logs for submission to the organisations responsible for cyber security (CESNET-CERTS and CSIRT) or to the Police of the Czech Republic.
  • Storing of logs from all network and security devices, servers and workstations.
  • Prevention of loss of critical data.
  • Collection of logs to resolve operational issues and security incidents.
  • Verification that the event record was stored in the repository, if the device sending the record supports it.
  • Verification of the identity of the source sending the record, to prevent source forging, if the sending device supports it.
  • Licensing is not based on the number of devices or the number of events per second.
  • Cluster support is included in the standard version.