Securing Your DC: Part 2 – System Security Through Log Management

The systems and applications running in your data center are a great source of security information. Events that happen while these systems and applications run are stored in log files or logs. By reading these logs you can tell who did what, to what, and when. Many government and industry regulations make regular review of logs mandatory for compliance purposes.

[Figure: Alert Logic event log example]

But there are challenges when dealing with logs. You need expertise to understand which data in the above log file is important, and most organizations have a lot of log data to sort through. The SANS Institute estimates that a typical 750-employee company with five locations generates an average of 150 events per second. That’s 12.9 million logs per day! Because of the complexity and sheer volume of logs, many organizations turn to log management tools to help manage their log data.

To help SingleHop customers manage log data, we’ve partnered with Alert Logic, a provider of Security-as-a-Service solutions. The Alert Logic Log Manager solution delivers security and compliance monitoring of log data by collecting, parsing, analyzing, and archiving data. It’s unique in that these capabilities can be delivered as a service, where Alert Logic security analysts review log files for you and deliver daily reports that satisfy regulatory requirements.

Log Manager also offers features to help you understand logs, including pre-built reports and custom analysis tools. For more information on Log Manager, visit the Alert Logic website, and for good tips on managing your log data, including information on what logs to collect and automating the log management process, download Alert Logic’s Log Management Best Practices white paper.