Event Management
Event Management

Event Management

LogRhythm’s Security Event Management function combines prepackaged, automated reporting and real-time monitoring and alerting with comprehensive incident management and response. LogRhythm’s Personal Dashboards present security event information in the most useful and effective manner to meet the specific needs of individual users. The dashboard also acts as a portal to a suite of highly effective investigative and reporting tools including the LogRhythm Investigator and LogMart. The Quickstart Event Management Package (QsEMP) delivers the convenience of prepackaged alarms and a broad range of detailed and executive level reports for immediate, valuable usability and rapid time-to-value.

Quickstart Event Management

LogRhythm’s QsEMP combines the efficiency of automation with the convenience of prepackaged expertise. The QsEMP provides IT administrators and executives with a relevant and useful set of out-of-the-box reports and alarms covering practical Operations, Security and Audit/Compliance use cases. Combined with LogRhythm’s powerful and intuitive user-driven forensics, reporting and alarming capabilities, the QsEMP delivers powerful insight while reducing the overall Total Cost of Ownership (TCO).

Security Event DashboardReal-time Monitoring

Because LogRhythm collects and analyses logs in real-time, logs deemed to be security events are immediately forwarded as such and are escalated according to their level of criticality.  Security event information is delivered in real time to the personal dashboards of those users predefined as authorised viewers for those classifications of events.  Through the personal dashboard users can monitor security events in real time and quickly review and drill down as appropriate.  LogRhythm dashboards can be easily customised by and for each user.  As a result, every user sees and can analyse the information that is most relevant to them and their role.

Advanced Correlation and Pattern Recognition

LogRhythm’s Advanced Intelligence (AI) Engine delivers advanced correlation and pattern recognition for enterprise log data to the event management layer for truly comprehensive coverage.  AI Engine leverages its integration with the log and event management functions within the LogRhythm platform to correlate against all log data – not just a pre-filtered subset of security events.  Relevant patterns and correlated event sequences are sent to the event management layer in real time.  Seamless integration enables immediate access to all forensic data directly related to an event.  AI Engine automatically delivers real-time event management for immediate visibility into risks, threats and critical operations issues.

Role-based Alerting

LogRhythm can easily be configured to send alerts on critical events or combinations of security events to an individual or groups of individuals based upon user roles, asset values of impacted systems or applications, or a variety of other factors related to ensuring the right alerts reach the right people at the right time.

Intelligent, Automated Remediation

LogRhythm delivers immediate protection from security threats, compliance policy violations and operational issues with SmartResponse™. Intelligent, process-driven capabilities give organisations the power to automatically take action in response to any alarm.  SmartResponse™ delivers immediate action on real-world issues, such as when suspicious behaviour patterns are detected, specific internal or compliance-driven policies are violated, or critical performance thresholds are crossed. LogRhythm ensures that responses are based on accurate information by performing real-time analysis on all log data, helping to minimize false positives as well as the delays associated with manual intervention.

Incident Management & Response

The LogRhythm solution includes comprehensive incident management capabilities. Incidents (alarms) are viewed and managed via the real-time personal dashboard.  Every action taken on an alarm is documented (who was notified, when it was analysed, work that was done, etc.) as part of the alarm history.  A comprehensive set of reports provides a full history of incident management activity and response.  Whether your requirements for tracking incident management activities are driven by compliance mandates or internal best practices, the LogRhythm incident management functions will deliver on your reporting, tracking and audit needs.

   

Role-based Alerting

LogRhythm can easily be configured to send alerts on critical events or combinations of events to an individual or groups of individuals based upon user roles, asset values of impacted systems or applications, or a variety of other factors related to ensuring the right alerts reach the right people at the right time.

Incident Management & Response

The LogRhythm solution includes comprehensive incident management capabilities. Incidents (alarms) are viewed and managed via the real-time personal dashboard.  Every action taken on an alarm is documented (who was notified, when it was analysed, work that was done, etc.) as part of the alarm history.  A comprehensive set of reports provides a full history of incident management activity and response.  Whether your requirements for tracking incident management activities are driven by compliance mandates or internal best practices, the LogRhythm incident management functions will deliver on your reporting, tracking and audit needs.

        LinkedIn
        Tweet
Share