Application Monitoring Solutions
Applications and the data they manage are critical to your business. A down e-mail system means lost productivity. A down ERP system could result in lost or corrupted data. LogRhythm helps identify symptoms of potential failures before actual failure occurs. When failures do occur, LogRhythm helps diagnose the cause of the failure and speeds the return of the application to a healthy state by providing immediate and central access to application-layer log data.
Service Oriented Architecture Monitoring
Most business applications involve more than a single system. A typical ERP system relies on the network, application servers, database servers, and web servers. A failure at any point can result in failure of the ERP system.
With LogRhythm, applications can be monitored across the entire application platform. LogRhythm automatically associates each log entry with the application that reported it, whether the log originates from a firewall, an intrusion detection alert, a Windows event log, or a file. This capability enables cross-platform, cross-server monitoring of an application's health.
Custom Application Monitoring
In-house developed applications that log to a flat file, the Windows Event Log, or Syslog can be monitored via LogRhythm. An easy-to-use wizard supports custom rule development, applying the LogRhythm monitoring, analysis, and reporting capabilities that are standard for commercially supported systems.
Too many hours are spent putting out fires. For many organizations, IT Operations has become more reactive than proactive. As a result, business improvement projects are often delayed. LogRhythm helps companies identify potential flare-ups before fires occur. When the unavoidable fire does occur, LogRhythm equips your IT firefighters with the information and tools they need to put it out as quickly as possible. LogRhythm helps IT operations get back to business.
AI Engine for IT Optimization
Advanced correlation and pattern recognition offer substantial value for operational insight and IT services assurance. Slight variations in specific activities or a particular sequence of more common operations events may indicate critical operations issues:
- A backup process is started, but no log for backup completed is generated.
- A critical process stops and doesn’t start back up within a specific timeframe.
- High I/O rates on a critical server, usually observed only during backup procedures, are observed during normal business hours.
Real Time Monitoring
LogRhythm provides real-time monitoring of all devices for which log data is being collected. Seconds after a log is collected or received it can be transformed into an event for display in one of LogRhythm's real-time dashboards. LogRhythm's real-time monitoring can also detect and alert on the absence of a log or an event that is expected to happen. For example, LogRhythm can alert administrators when a server stops but does not restart within a certain time period.
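The absence-of-event checks described above (a backup that starts but never completes, a server that stops and does not restart in time) can be sketched as follows. This is an added example, not LogRhythm code; the event names, the rule table and the sample log lines are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events: "<timestamp> <host> <event>" (not LogRhythm output).
SAMPLE = """\
2024-05-01T01:00:00 erp01 backup_started
2024-05-01T01:40:00 erp01 backup_completed
2024-05-01T01:00:00 db01 backup_started
2024-05-01T02:10:00 web01 service_stopped
2024-05-01T02:11:30 web01 service_started
2024-05-01T02:15:00 erp01 service_stopped
2024-05-01T02:45:00 erp01 service_started
"""

# Hypothetical rules: opening event -> (expected follow-up, allowed delay).
RULES = {
    "backup_started": ("backup_completed", timedelta(hours=2)),
    "service_stopped": ("service_started", timedelta(minutes=5)),
}

def parse(text):
    for line in text.splitlines():
        if line.strip():
            ts, host, event = line.split()
            yield datetime.fromisoformat(ts), host, event

def missing_followups(text, now, rules=RULES):
    """Return (host, opening_event, deadline) for every expected follow-up
    that had not arrived by its deadline, as seen at time `now`."""
    closes = {closing: opening for opening, (closing, _) in rules.items()}
    pending, alerts = {}, []          # pending: (host, opening) -> time opened
    for ts, host, event in sorted(parse(text)):
        if ts > now:                  # ignore events not yet seen at `now`
            break
        if event in rules:
            pending[(host, event)] = ts
        elif event in closes:
            opening = closes[event]
            opened = pending.pop((host, opening), None)
            deadline = opened + rules[opening][1] if opened else None
            if deadline and ts > deadline:   # follow-up arrived, but too late
                alerts.append((host, opening, deadline.isoformat()))
    for (host, opening), opened in pending.items():
        deadline = opened + rules[opening][1]
        if now >= deadline:           # follow-up never arrived in time
            alerts.append((host, opening, deadline.isoformat()))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in missing_followups(SAMPLE, datetime(2024, 5, 1, 4, 0)):
        print("ALERT", *alert)
```

The check keys on the missing follow-up rather than on any single log line, so it has to be evaluated against a clock (`now`), not only when a new event arrives.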
The same tools used for real-time monitoring can be used for analyzing historic data. Using the replay option, events from last week can be replayed and visualized. Using the Investigator tool, specific events and log entries can be searched for and analyzed based on any of the available report fields:
- Log Host (e.g., ERP server)
- Log Source (e.g., audit log)
- IP Addresses
- Programs (e.g., SAP, Telnet)
LogRhythm provides significant time savings when responding to and diagnosing network, system, application, and security issues. By providing central and immediate access to log data, staff can troubleshoot and diagnose problems more efficiently. These time savings are the result of:
- Having a single console that provides a uniform view of log data across all systems vs. having to use the native consoles of each separate system.
- Powerful analysis and reporting tools designed to provide efficient and effective troubleshooting and incident analysis.
- Having immediate access to log data that might otherwise be unavailable due to access control policies on the affected system. LogRhythm provides direct access to log data without having to wait for or involve another party (e.g., the systems administrator)
- Being able to correlate log activity across many systems in diagnosing system-wide issues.
- An integrated knowledge base providing troubleshooting assistance so that when the same issue is seen again, the time to diagnose is significantly reduced.
Alert & Notification
LogRhythm includes a powerful alert and notification engine. Alerts can be generated based on the type of event, the event's priority, where the event originated, the login associated with the event and many other factors. Alerts can also be generated based on a threshold violation. For instance, a single periodic warning message from the same server might not cause concern; however, 10 warnings in 5 minutes is another matter.
Role Based Notification
In addition to providing powerful and flexible alerting, LogRhythm provides intelligent and personal notification via its role-based alerting model. LogRhythm can automatically identify personnel based on their role with respect to the system affected. For example, if Joe Brown is the system administrator of your ERP server and the ERP server reported 10 warnings in 5 minutes, LogRhythm can be configured to automatically notify Joe of the specific event. Role-based alerting combined with personalized alert dashboards automatically ensures the right person is notified. IT, security, and audit staff need only monitor their personal alert dashboard and respond when necessary.
Intelligent, Automated Remediation
LogRhythm delivers immediate protection from security threats, compliance policy violations and operational issues with SmartResponse™. Intelligent, process-driven capabilities give organizations the power to automatically take action in response to any alarm. SmartResponse™ delivers immediate action on real-world issues, such as when suspicious behavior patterns are detected, specific internal or compliance-driven policies are violated, or critical performance thresholds are crossed. LogRhythm ensures that responses are based on accurate information by performing real-time analysis on all log data, helping to minimize false positives as well as the delays associated with manual intervention.