
LogStore

"LogStore" is a software solution that provides real-time awareness of the security and availability of your hardware and applications. LogStore collects, consolidates and analyzes logs and events from firewalls, IDS/IPS systems, switches, routers, servers, operating systems and applications.

Top Features

Audit

Audit events on your network from a single location.

Be Aware

Be aware of problems and suspicious conditions on your network.

Improve Your Security

Improve your security by solving your problems.

Active Directory Integration

Retrieves computer names from Active Directory for agent installation.

Remote Agent Installation

Agents can be installed, updated and removed remotely.

Quick Search and Reports

Analyse and get reports instantly.

Specifications

Who Is It For?

"LogCollector LogStore" is SIEM software for IT organizations.

Components

  • Agents: Events are tracked, recorded and sent to the central service by agent software.
  • Central Services: Collects log records from agents or remotely and automatically stores them in the file system, PostgreSQL database and Elasticsearch database.
  • Data Display and Analysis Tool: Displays stored data and provides query and reporting functionality.
  • Archiving Tool: Manages and archives data to secondary-level data storage.
  • Database: LogCollector stores logs in the file system in JSON format as primary storage. For short-term analysis and reporting demands, data can be stored in a PostgreSQL database. For long-term querying demands, data can be stored in an Elasticsearch database, which enables Kibana integration. In addition, data can be stored as CEF-formatted files for other integration demands.

General Properties

  • Events: Tracks activities on computers.
  • Web-Based Application: No software needs to be installed for the user interface; a web browser is enough.
  • Historical Data: Allows you to keep historical data for future analysis.
  • Security Threats: Provides detection and prevention of security threats caused by users in the organization, and preparation of reports and data for legal proceedings.
  • Easy Installation: Installation is quite easy and requires minimal dependencies.
  • Instant Data Display: Data is displayed interactively while it is being collected.
  • Data Integrity: Every single event record is kept with its hash information in order to guarantee its data integrity.
  • Rule Based Data Collection: Agents or remote service collect data based on rules (to reduce noise) that can be changed dynamically.

Service Properties

  • Log Sources: Tracks activities on agent computers and remote log sources.
  • File System Storage: Logs are stored in the file system as JSON-formatted files.
  • Automatic Archiving: Collected logs are archived periodically. Archived files can be signed with a timestamp (RFC 3161 and TÜBİTAK).
  • CEF-Formatted Data: Collected logs can be saved as CEF-formatted files.
  • PostgreSQL Database: For short-term analysis, logs are stored in a PostgreSQL database for a defined period.
  • Elasticsearch Integration: Logs can be stored in Elasticsearch database.
  • Easy Configuration: Agents and sources can be configured easily.

Agent Properties

  • Installation: Agents are installed remotely or manually.
  • Removal: Agents can only be removed by the LogCollector LogStore Management Console.
  • Update: Agent software is updated automatically without user intervention.
  • Intervention: Ordinary users and even local administrators cannot interfere with the behaviour of agents.
  • Real-Time Tracking: Agents capture events in real time and create an instant log record.
  • State-of-the-Art Tracking Engine: Agents are built with a high-performance processing engine to track, filter and record events.
  • Low Footprint: Agents use a very small amount of CPU and memory resources.
  • Offline Working: Agents continue to operate whether or not a network connection is available. If the connection is broken, data is stored until the connection is re-established.

Querying, Reporting and Notification Properties

  • Powerful Queries: Users can easily prepare any queries with visual tools and display data instantly.
  • Flexible Reporting: Provides on-screen and printable reports, even complex ones, in seconds for all your requests.
  • Export Data: Displayed data can be easily exported to HTML, TXT, CSV, XML and PDF formats.
  • Scheduled Reports: User-defined reports can be sent automatically in various formats (PDF, Excel, Word, Text), either by e-mail or to the file system.
  • Real-Time Alerts: Sends alert messages instantly by e-mail when specific events happen.
  • Built-in Reports: Provides ready-to-use reports for best practices and regulatory compliance.
  • Charts: Provides data analysis in various chart formats.

System Requirements

For Agents

  • CPU: Any
  • Memory: 512 MB or better
  • Disk: 100 MB or more
  • Operating System: Microsoft Windows 7 or newer (32/64-bit)
  • Network: Any TCP/IP connection
  • Configuration: Firewall allowance is needed for remote installation.

For Central Services

  • CPU: Any
  • Memory: 32 GB or more
  • Disk: 1 TB or more
  • Operating System: Microsoft Server 2008 or newer (32/64-bit)
  • Network: Any TCP/IP connection
  • Permissions: "Domain Admins" credentials are needed to install agents remotely.