Assuria Log Manager is designed to manage audit logs generated by systems, devices and applications

Operating systems, system software and applications have for many years had features to write audit logs to record events, data or actions taken.   The benefits of using log data are well known to IT professionals who have used the information contained in logs for diagnostics and to verify actions taken by software, often as the first steps in problem identification.

Today such audit logs have attained a much higher level of importance, driven by several factors including policy compliance requirements. Organisations of all sizes, in both the public and private sectors, are required to comply with an increasing number of legislative and industry regulations and standards. These requirements are driving organisations to seek tools to assist and automate their log management and compliance processes.

Uses for collected logs and log data vary from near real-time collection and in-memory correlation of network traffic, through near real-time alerting / host-based intrusion detection, regulatory compliance reporting, and problem identification and resolution, to incident response and forensic analysis.



ALM Collection Architecture


Key Features

  • Enterprise wide log collection. Secure and forensically sound collection of logs into a central store.
  • Real-time alerts. Configurable to specific log events, sent via SNMP or configurable to other tools.
  • Agent based collection ensures the Security, Continuity and Integrity of all collected logs.
  • Digitally signed. A SHA256 checksum is calculated and the log digitally signed before transfer. 
  • The transfer of logs over the network is encrypted using TLS.
  • Secure storage. Log cataloguing, chain of custody records, archive creation and management.
  • Archive to secure long-term storage, complete with a digitally-signed manifest.
  • Forensic readiness. Centrally stored, with all of the handling of the logs preserving the original format so that forensically sound data is available for investigation when required.
  • Scalable and Modular architecture. Designed to support from one to thousands of log sources.
  • Content packs. Provided by Assuria, these are flexible and extensible and are used to describe each log, allowing ‘interesting events’ in the collected logs to be tagged and indexed within the ALM database.
  • Analysis: Collected logs are processed by a rules-based analysis engine, allowing ‘interesting’ events to be tagged and written to a database for further analysis and reporting.
  • Reporting. Flexible analysis, correlation, aggregation and reporting in HTML or PDF.
  • Console. Assuria Log Manager Console provides all agent control and the management of collected logs along with facilities to run queries, generate and print reports.


Architecture Components

  • Log Manager Agent: Monitors and collects logs and securely transfers them to the Collector. The Agent can optionally sign each log.
  • Log Manager Alerter: An optional near real-time alerter, integrated with the Log Manager agent, that can be configured to generate alerts when specific events are detected in monitored logs.
  • Log Manager Collector: Receives logs from Agents and transfers the log to the Log Store. Validates received logs and can optionally sign each log. Logs are indexed as they are collected and stored.
  • Log Store: A file structure used to store collected logs, metadata and ALM configuration and report data.
  • Log Manager Database: holds information about tagged ‘Interesting Events’, Agents, Logs and Agent policies.
  • Log Data Analyser: Analyses logs, tagging those with interesting events as defined in a set of ‘Content Packs’.  The analysis results are stored in the database for reporting and display.

Assuria Log Manager Processing Services

  • Log Data Archiver:  Manages the archiving of selected sets of logs based on flexible criteria. Allows tracking of archives on secondary and  removable media.
  • Log Data Reporter:  Provides a flexible report generation system based on database queries and employing XML/XSL technologies to produce reports in HTML, TEXT or PDF.
  • Log Manager Console: A GUI to manage Agents and policies; provides the interface to the reporting and archiving functionality.
  • Log Manager Content pack: ‘Content Packs’ are used to define log format, content and rules for event identification and tagging.  A ‘Content Pack’ is required for each type/format of log.





Logs have become essential to demonstrate compliance to regulations and standards. 

Uses for log data in addition to regulatory compliance include:

  • Incident response and investigation
  • Forensic analysis
  • Problem identification and resolution
  • Network traffic monitoring (near real-time) and anomaly detection
  • Operations and Service Level monitoring
  • Marketing analysis

Today’s operating systems, applications and network devices, including Windows and LINUX / UNIX, can produce vast amounts of audit data within their logs.  There are few tools available today to provide for reliable management of this log data.




Log Sources supported

  • Windows .EVT logs
  • Syslog
  • Unix Daemon
  • RHEL Audit
  • Text files
  • Tcl plug-ins, part of the ‘Content pack’, to support the collection of an infinite number of log formats / types.


Resilient configuration

Assuria Log Manager is a modular system and can be configured in a number of ways in order to meet user requirements for high availability and / or resilience of volume / capacity.

Multiple Collectors can be configured, and Agents can be configured to use whichever Collector is available, with load balancing.

The Store and Database can, where required, be replicated using replication functionality native to the store or database. If required, multiple Agents can be installed on a single log source system, though each Agent must handle its own unique set of logs.


Assuria Auditor and Log Manager Service

Assuria also offer an onsite service, known as the IT Security Standard Compliance Assessment Service (ITSec CSS), which helps identify how companies may be falling short of various compliance standards.

The ITSec CSS utilises the Auditor and Log Manager products and will provide the following deliverables:

  • A management summary report indicating the current level of compliance to the required standard of the target systems;
  • A detailed report for each system showing each area of non-compliance, the implications of the non-compliance and a clear English language description of how to correct them;
  • The report will also highlight general areas of poor security practice and known vulnerabilities discovered;
  • A senior management presentation on the outcome of the service and suggested next steps.
