In modern server environments, the number, volume, and variety of computer logs have increased greatly. This has enhanced the ability of IT departments to track down the source of problems, but it has also created the new challenges of generating, transmitting, storing, analyzing, and disposing of computer events. Computer log management helps ensure that computer event records are stored in sufficient detail for an appropriate period of time.
A Careful Balance
The fundamental challenge in log management is balancing a limited amount of log management resources with a continuous supply of log data. A high number of log sources, inconsistent log formats among sources, and a large volume of log data create challenges for log generation and storage. The number of people from a range of areas that need to review and analyze logs makes security a prime concern.
The Requirements
IT managers, system administrators, security experts, developers, and operational and support staff all need tools to access computer logs. To enable proactive, rather than reactive, analysis, those tools need to let us accomplish a range of tasks more easily:
- Assembling audits
- Performing forensic analysis
- Providing support to internal investigations
- Establishing baselines
- Identifying operational trends
- Isolating long-term problems
Moreover, computer log management solutions need to be compliant with security legislation and standards such as FISMA, HIPAA, GLBA, SOX, and PCI DSS.
The Solution
To meet all these needs, Cima has developed Enterprise Server Log (ESL). Originally developed for, and tested in the environment of, one of our largest clients, ESL is now available to the public under a GPL license.
ESL Features
- Server, Administration Console, and Analytics applications
- Secure transmission & retention of data
- Low processing overhead
- Low storage overhead
- Date and data consolidation and standardization
- Compatible with a range of technologies, including:
  - Java Logging
  - Log4J
  - .NET
  - PL/SQL
  - Syslog