LogAdvisor

Log Analysis a top 10 strategic technology for 2010, says Gartner

December 27, 2009

According to Gartner, 2010 should be a good year for vendors in the Log Management market.  Gartner lists “Security – Activity Monitoring” as one of their top ten strategic technologies for 2010.

Gartner’s top ten states, “Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements.”

It’s nice to see that more attention is going toward Log Management and SIEM, finally.  I remember about five years ago, while I was at LogLogic, we had a meeting with a Gartner analyst who told us there was ‘no market for log management’.  I disagreed, and I’m glad we listened to our customers more than the analyst.

Categories: Logging

Indexing vs. Normalization of logs

November 23, 2009 · 2 Comments

Recently a friend asked me whether he should normalize or index logs for faster reporting.  My response was that it depends on who is interpreting the reports.  I suggested he use indexing if the logs are coming from a single application and his users understand the log message format.  However, if the logs come from many different applications or have complicated message formats, then normalization is the quickest and easiest method.  In most cases the best method is to use both indexed and normalized log data if it is an option.

Categories: Logging

Quality Log Data is the Foundation of Log Management

October 27, 2009

The foundation of the Log Management Hierarchy of Needs is for the applications and devices to produce quality log data.

Categories: Logging

Log Management Hierarchy of Needs

October 14, 2009 · 1 Comment

Log Management has a hierarchy of needs similar to Maslow’s famous hierarchy.  An organization needs to strategize and automate its basic logging tasks before it can focus on complicated solutions such as correlation and analysis.

Categories: Logging

6 Reasons I Hate Logs

October 12, 2009 · 6 Comments

OK, hate might be too strong a word.  But there are a lot of times I can be very frustrated working with logs.

Categories: Logging

6 Reasons I Love Logs

October 8, 2009 · 2 Comments

“I Love Logs” was one of the marketing slogans that we used when I was at LogLogic, and they still use it today.  At an early age I was taught not to love anything that can’t love you back.  Besides, I’m a man and men don’t throw around the ‘L’ word very often.  So I just like logs.  Here are some of the reasons that I really like logs:


Categories: Logging