The Benefits of Powerful, Flexible Log Collection and Management

Published on May 13, 2021

The Challenge of Company-Wide Data Aggregation

As companies grow and add more disparate applications to their environment, log collection becomes a major challenge for the IT organization. Add the complexity of collecting enough log data to remain compliant, addressing privacy standards, and covering the security concerns raised by modern threats, and log collection can become an overwhelming task.

The key to an effective log collection system lies in your ability to ingest log data in real time from every available log source. A solution that brings your data into a central location and makes it easy to filter, classify, transform, and digest lightens the burden of log collection and management for your organization.


Securonix Next-Gen SIEM With Advanced Log Collection Powered by NXLog

With the Securonix Next-Gen SIEM, featuring advanced log collection capabilities through the Securonix partnership with NXLog, companies can implement a scalable data aggregation system. Securonix provides a solution that ensures logs are collected in an efficient, secure, and reliable way while allowing the data to be structured, formatted, and filtered as required.


Benefits

Frictionless Log Aggregation

Extend and simplify data ingestion across disparate log sources by standardizing on one key technology. The solution supports all major operating systems, including Windows, Linux, and macOS. Network devices that cannot run an agent are covered through agentless log collection. Securonix can even collect from IT/OT sources such as major ICS/SCADA systems with NXLog.

Simplify IT Security Operations

Securonix reduces the cost of distributing and managing log collection processes by parsing event logs on the host that generates them, so filtering and normalization happen before the data crosses the network. A single NXLog service can read multiple log sources and send logs to multiple destinations.

Meet Compliance Mandates

Because the required log messages are delivered to the Securonix solution, you gain continuous assurance that your organization meets compliance and standards requirements. The solution includes controls such as file integrity monitoring (FIM).

Reduce the Risk to Logs in Transit

Collect logs from multiple devices using a single tool that preserves log integrity during transfer. The solution uses reliable transfer with compression, protocol-level acknowledgment, and batching to reduce the risk of loss: the sender keeps a message until the receiver acknowledges it, so a dropped connection does not silently discard events. Acknowledgment protects against loss rather than tampering or eavesdropping, so the transfer should also be wrapped in TLS, which NXLog supports for both agent and relay connections.


Unique Multi-Platform Log Management Support

Securonix with NXLog provides log collection with multi-platform support, as shown in the figure below. With agent-based log collection, NXLog runs as an agent on the system that generates the log data. It collects the log data and sends it to another NXLog instance over the network. It supports platform-specific sources such as the Windows Event Log, Linux kernel logs, Android logs, local syslog, and more.

For embedded or legacy systems, such as routers and switches, that do not support agent installation, NXLog agentless log collection is used. In this mode, the server or device sends its log data to an NXLog instance over the network using its native protocol, typically syslog over UDP or TCP. NXLog collects and processes the information it receives before forwarding it to Securonix Next-Gen SIEM.
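The two collection modes above, together with the reliable, TLS-protected transfer described under "Reduce the Risk to Logs in Transit", map onto a pair of NXLog configuration files: one on an endpoint running the agent, one on a relay that also receives agentless syslog from network devices. The configuration below is an added illustration written for this page, not Securonix or NXLog documentation. Directive names follow the NXLog Community Edition 2.x style (im_msvistalog, im_file, om_ssl, im_udp, im_ssl, xm_syslog) and may differ in other editions and versions; the hostnames, ports, certificate paths, and log file path are assumptions.

```nxlog
#################################################################
# nxlog.conf on a Windows endpoint (agent-based collection)
# Assumed: relay reachable at relay.example.internal:6514 over TLS
#################################################################
define ROOT C:\Program Files\nxlog
Moduledir %ROOT%\modules
CacheDir  %ROOT%\data
SpoolDir  %ROOT%\data
LogFile   %ROOT%\data\nxlog.log

<Extension _syslog>
    Module  xm_syslog
</Extension>

# Platform-specific source: Windows Event Log. The query keeps only
# Critical/Error/Warning events from two channels, so filtering
# happens on the host, before anything leaves the box.
<Input eventlog>
    Module  im_msvistalog
    <QueryXML>
        <QueryList>
            <Query Id="0">
                <Select Path="Security">*[System[(Level=1 or Level=2 or Level=3)]]</Select>
                <Select Path="System">*[System[(Level=1 or Level=2 or Level=3)]]</Select>
            </Query>
        </QueryList>
    </QueryXML>
</Input>

# File-based source (assumed path). Noisy debug lines are dropped at
# the source rather than at the SIEM.
<Input applog>
    Module  im_file
    File    'C:\app\logs\app.log'
    Exec    if $raw_event =~ /DEBUG/ drop();
</Input>

# One outbound channel for every source: mutually authenticated TLS,
# RFC 5424 framing so the relay can parse every event the same way.
<Output to_relay>
    Module      om_ssl
    Host        relay.example.internal
    Port        6514
    CAFile      %ROOT%\cert\ca.pem
    CertFile    %ROOT%\cert\agent-cert.pem
    CertKeyFile %ROOT%\cert\agent-key.pem
    Exec        to_syslog_ietf();
</Output>

<Route endpoint>
    Path    eventlog, applog => to_relay
</Route>

#################################################################
# nxlog.conf on a Linux relay (agentless + agent ingress, SIEM egress)
# Assumed: SIEM collector at siem-collector.example.internal:6514
#################################################################
<Extension _syslog>
    Module  xm_syslog
</Extension>

# Agentless: routers and switches speak plain UDP syslog to the relay.
# parse_syslog() fills $Hostname, $Severity, $Message, etc. from the line.
<Input netdevices_udp>
    Module  im_udp
    Host    0.0.0.0
    Port    514
    Exec    parse_syslog();
</Input>

# Agent-based: TLS ingress for the endpoints configured above. RequireCert
# rejects agents that do not present a certificate signed by our CA.
<Input agents_tls>
    Module      im_ssl
    Host        0.0.0.0
    Port        6514
    CAFile      /etc/nxlog/cert/ca.pem
    CertFile    /etc/nxlog/cert/relay-cert.pem
    CertKeyFile /etc/nxlog/cert/relay-key.pem
    RequireCert TRUE
    Exec        parse_syslog();
</Input>

# Everything leaves the relay on one TLS channel toward the SIEM.
<Output to_siem>
    Module      om_ssl
    Host        siem-collector.example.internal
    Port        6514
    CAFile      /etc/nxlog/cert/ca.pem
    CertFile    /etc/nxlog/cert/relay-cert.pem
    CertKeyFile /etc/nxlog/cert/relay-key.pem
    Exec        to_syslog_ietf();
</Output>

<Route relay>
    Path    netdevices_udp, agents_tls => to_siem
</Route>
```

Two points worth checking when adapting this: the UDP listener has no authentication, so anything that can reach port 514 can inject events that look like they came from a router, and that listener should sit on a network segment only the devices can reach; and the endpoint-to-relay and relay-to-SIEM hops use a relay certificate, so a compromised relay can read and alter everything passing through it, which is why relays deserve the same hardening as the SIEM itself. In the NXLog Enterprise Edition the om_batchcompress/im_batchcompress module pair can stand in for the om_ssl/im_ssl pair on the relay-to-SIEM hop to get the batched, compressed, acknowledged transfer described above.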

[Figure: Multi-Platform Log Management Support. Left panel: Agent-Based Log Collection; right panel: Agentless Log Collection.]


Securonix Next-Gen SIEM

With Securonix Next-Gen SIEM log collection powered by NXLog, customers gain both agent-based and agentless collection capabilities. Administrators can collect data from common system logs and log formats, including syslog, Windows Event Log, file-based logs, and databases. In addition, specialized APIs and SDKs allow for remote collection. Flexible log collection, whether agent-based or agentless, can be deployed as the security team needs in order to align with organizational priorities.