LogApp

Latest security requirements call for logging of numerous events from different systems. Also the European General Data Protection Regulation requires complete documented evidences of access, changes, transfer and deletion of sensitive data within the company networks. LogApp collects, normalizes and analyses events with LogAgents and over syslog. Integration possibilities from ERP/CRM systems and many other applications and databases make it easier to see who had when and where (il)legally access. The objective is the proof of data privacy compliance through automated procedures without any additional effort.

LogApp Core Features:

• available as appliance or Virtual Machine
• central management with tamper-proof archiving
• LogAgents for Windows Server, Linux Server, Windows Clients
• syslog interface for networking devices & other syslog-sources
• SNMP interface for networking components
• possibility to cascade LogApps
• optionally encrypted communication between LogAgent and LogApp
• alerting via e-mail or iQSol Alert Messaging Server (SMS, Voice)
• comprehensive reporting (Enterprise Reporting Services)
• 4-eye-principle for events & alerts (online and archive)
• comprehensive role concepts

LogAgent

LogAgents collect events from Windows- or Linux-Servers and forward them to a LogApp. Archiving, correlation and alerting are completely taken over by LogApp. All events are transmitted over an encrypted channel to LogApp. Geographically dispersed scenarios can be depicted efficiently and safely. LogAgents are available for Windows and Linux and do not have any special demands to the system resources.

Log Agent Features:

• Log formats
  • Windows Event Logs (application, security, setup, system, ...)
  • Linux System Logs (user authentication, ...)
  • Log Files (flatfiles, XML, CSV, …)
• File Integrity Monitoring
• Windows Change Auditing
• Syslog and SNMP proxy functionality
• buffer function
• encrypted transmission (optional)
• remote or local installation

Syslog

Events from networking devices and other syslog sources can be sent directly to LogApp. The syslog interface accepts and processes events analogous to events from a LogAgent. Optionally, LogAgents can also be configured as syslog and SNMP proxies in order to collect events decentral in more complex network architectures.

Web Interface for LogApp

• simple administration of LogAgents and syslog sources
• user & group management with Active Directory access
• extensive filtering & search fu