ArcSight Logger: The Solution for Log Management Needs
To address the growing need for collection, storage and analysis of enterprise-wide log data, ArcSight Logger is delivered as a turnkey appliance that supports high performance collection of logs from any source into a highly compressed yet easily searchable and self-managing log data repository. ArcSight Logger can function as a standalone appliance for log aggregation or can complement ArcSight ESM deployments. Core features of ArcSight Logger include:
- High-Performance Log Aggregation. ArcSight Logger can capture raw logs at sustained rates in excess of 75,000 events per second (EPS) per appliance.
- Broad Device Support. ArcSight Logger supports collection from any raw syslog or log file source. Additionally, it supports the vast library of ArcSight SmartConnectors which enables optimized collection from over 170 distinct sources across 35 categories.
- Cost Effective Storage. Each ArcSight Logger appliance is equipped with 2 TB of secure and RAID enabled onboard storage. All log data is heavily compressed prior to storage yielding approximately 15 TB of raw data capacity per appliance.
- Scalability . Distributed ArcSight Logger appliances operate as an array, enabling users to query log data selectively or universally, across appliances as dictated by granular access controls.
- Dynamic and Distributed Querying. The simple Web-based search interface in ArcSight Logger supports both simple-term searches as well as sophisticated queries powered by regular expressions and Boolean logic.
- Ease of Deployment. Log aggregation is seamless with ArcSight Logger's hardened 1U appliance form factor, optimized file storage and built-in monitoring. No database administration expertise is needed and a 100 percent Web-based GUI simplifies deployment further by eliminating the need for client installations.
- Audit Quality Log Data. Numerous audit and litigation best practices have been incorporated into ArcSight Logger.
- Automated Retention Policies. Multiple retention policies can be defined by source type to match regulatory data retention requirements. These policies are automatically enforced without necessitating manual data disposition or clean-up efforts.
ArcSight Logger is a turnkey appliance which can capture and analyze all enterprise log data while providing a compressed, cost-effective and self-managing log repository.
For more information, click here.