
Assuria bulletin

Title: Assuria Log Manager - Release 3.0

Number: 64

Date: 18th February 2008
 


Introduction

This bulletin introduces Assuria Log Manager Version 3.0, which is now available.

Assuria Log Manager

Version 3 of Assuria Log Manager (ALM), Assuria’s proven log management technology, is now available. It is designed to help organisations meet the challenges of managing the security of thousands of workstations and servers running Windows, Linux or Unix operating systems.

Assuria Log Manager provides a system for the forensically secure collection and transfer of audit and event log files on a customer system to a central store.

Audit and event log data is collected from sets of computers and securely transferred to central server machines for subsequent analysis or forensic investigation.

Assuria Log Manager agents optionally include an alerting mechanism that can be configured by security configuration personnel to alert (SNMP or other) on the occurrence of specified events (such as Administrator / Root login failures).

 

 

Version 3.0 new features

Event Filtering at the agent.

Optional agent-side filtering of source logs has been implemented. This allows a configurable set of events to be excluded from the dataset sent to the Collector for storage and subsequent analysis.

Once the log has been deleted from the source system, the excluded events will be permanently lost. When filtering is used with ‘Deferred Deletion’, the complete log remains available on the source system for a configurable period.

 

Deferred log deletion at the agent.

Deferred log deletion has been added to all agents.  The source log file, once spooled to the ALM Agent spool area, is copied to a temporary store area and is retained on the system for a configurable period.

On expiry the ALM agent removes the source log from the system.  This means that the log file is retained on the source computer for a configurable period of time and is therefore available to other applications or administrators for their use.

 

Additional standard data sources.

New log data sources have been added. These include:

  • IIS on W2K and W2K3

  • SQL Server 2000 / 2005 error logs

  • ALM Agent Log file

  • Exchange W2K3

  • RHEL audit logs via AUSearch

 

Revised console.

 

The ALM Console has had many minor changes and additions to improve its usability and understandability, including an enhanced dashboard.

Remote installation

Non-interactive agent installation is now available, including via a Group Policy Object for Windows agents.

Archiver

 

Revised implementation of the Archiver.  Each Archive is fully catalogued for future reference or access to archived logs.

Reporter

 

XML output is now provided to enable the export of ALM log data to other products.

 

Further information

For further information about Assuria Log Manager please contact Assuria.

 

 

 

 
Assuria Limited, Science & Technology Centre, The University of Reading, Earley Gate, Reading, RG6 6BZ, UK. 

Telephone +44 118 935 7395     Fax +44 118 926 7917     Web www.assuria.com

 


System Scanner and X-Press Update are registered trademarks of Internet Security Systems Inc. of Atlanta, Georgia, USA
© Copyright Assuria Limited.  All rights reserved.


