LOGNESS Processor and Analyzer
Events are conveyed to LOGNESS Framework in real-time. Our LOGNESS Parser Engine recognizes, categorizes and upon normalization, stores all events.
Structured evaluation and reporting
LOGNESS Framework does not limit the number of pre-defined reports, as every element of its tree-structure is defined as a unique report. Reports can be grouped, covering all events pertaining to applied systems, databases, operating systems, boundary protection and network devices. Reports can be freely grouped or separated, making segregation of reports on the basis of different criteria possible, such as grouping by geographical regions or in case of services, grouping by clients.
LOGNESS Framework utilizes a reporting module developed by PR-AUDIT, eliminating the need of using any other reporting engine. Reports can be exported in Word, PDF, CSV formats. Reports produced can be viewed via the graphical user interface or can be sent automatically as E-mail. Report templates can be modified with ease at any time, making them unique and can be saved to user-specified directories.
Specific reports can be junctioned to entities, even on a one-by-one basis. Furthermore, operations that can be performed on reports are organized in a way that they can be performed with ease (read, edit, create, modify, set inactive), so are the source tools that can be shown in the report.
Results of an already completed report can be searched for on a by-date basis. The ability to run ad-hoc reports for intervals facilitates searching by time periods.
Reporting and category-declaration in the LOGNESS framework is fully flexible, but it also contains built-in report templates and categories. Depending on the design of the tree structure, the number of reports is not limited. The number of categories is also freely customizable and designable, but built-in categories are also present, such as user activities, change management events, security events, network management events, storage and other events, etc…
The LOGNESS framework also offers the option of generating weekly and monthly trend reports from the critical events occured in the time interval to be examined. To facilitate monitoring of statistical trends, daily, weekly and monthly event trend monitoring is done on event-level, including definition of the average event occurence count.
The LOGNESS framework supports issuing alert notifications both for standalone events and for the simultaneous occurence of multiple events (or non-occurence of a scheduled event/event set). Monitoring events in time-based correlation with each other, broken down to time intervals is also feasible.
Correlational Log Analysis
The LOGNESS framework is also capable of recognizing event ques that consists of several events and handling them as one event.
Audit Trail Analysis Support
The LOGNESS framework supports searching on the basis of time intervals, based on pre-defined criteria. Depending on the templates designed, any interval can be filtered using several properties.
Filtered results can be viewed online and can be exported in .csv format. Search results can also be linked with reports.
Beside the template based search engine LOGNESS Analyzer consists a dedicated, full functionality and high-speed text based search engine.
The LOGNESS framework supports the users’ role-based privilege management. The system supports issuing elemental level (event-based) privileges to any specific user, granting privileges only to view and query events that a user is authorized to access.
Incident Management Interface
The LOGNESS framework includes an integrated incident management interface that enables maintaining a historical inventory of all incidents occured and also allows tracking incidents’ status.
Logging Parameters of the LOGNESS Framework
The LOGNESS framework enables logging of all significant changes in a system and also the logging of occured irregularities:
• Errors, unusual system states (Sudden increase of memory demand, disc and network traffic, etc…)
• Critical system states (Low disk space and memory warning, etc…)
If you are interested, please contact us for your unique offer!