You need deep, real-time visibility into your entire IT environment to defend your organization from today’s threats. LogRhythm analyzes all of your forensic data. It fills gaps with endpoint and network sensors. With LogRhythm, you get the intelligence and tools you need to protect your network.
Assemble all of your machine data. Gather all the forensic evidence generated by your IT environment with our collector tier—with or without agents.
Get the intelligence you need—without the noise. We process, structure and contextualize your data for almost 800 different sources. You get faster, more accurate analytics with machine data intelligence fabric. Learn more about LogRhythm Labs & Machine Data Intelligence Fabric.
Get real-time protection from threats. Automate multi-dimensional machine analytics, including sophisticated techniques such as machine learning, behavioral profiling, statistical analysis, blacklisting, whitelisting and correlation. Learn more about Security Analytics.
Search through terabytes of data. Find the forensic evidence you need faster. Get the information you need when you need it with structured and unstructured search—in a single,
You need the right information at your fingertips to respond to threats fast. We deliver the information you need in the most useful way so you can respond to the most critical threats quickly.
Whether you’re a medium-sized company or a Fortune 500 enterprise, we meet your scalability and performance requirements. Our flexible component architecture realizes a wide variety of solutions with a building block approach. Add functionality and capacity as your needs evolve to efficiently scale your LogRhythm deployment based on your unique requirements.
Data Collector provides local agent-based or remote agentless collection of machine data, including log messages, security events and flow data. Learn more about Endpoint Monitoring and Forensics.
System Monitor is an agent-based sensor that independently monitors host-level activity. Monitored activities include user authentications, file modifications, active applications and network communications. System Monitor generates real-time forensic data to support your analytics-driven threat detection and incident response.
Network Monitor performs deep packet inspection of network traffic for application identification, extraction of searchable application-level metadata and full packet capture.
Its internal analytics engine provides run-time Deep Packet Analytics™. Network Monitor forwards full session SmartFlow™ records for analytics-driven threat detection and incident response. Learn more about Network Monitoring and Forensics.
Data Processor provides patented, high-performance, distributed and highly available processing of machine and forensic data received from data collectors, system monitors and network monitors. Data Processor transforms this data into a contextualized form to create the Machine Data Intelligence Fabric that underlies our analytics and platform capabilities.
Data Processor archives and distributes both original unstructured data and structured metadata to other platform components to support indexing, automated machine analytics and alarming. Learn more about High-Performance Appliances.
Data Indexer provides high-performance, distributed and highly scalable indexing of machine and forensic data received from data processors. It stores data in support of centralized search and forensic analytics. You can deploy multiple data indexers in a high availability cluster to serve massive workloads and a high number of concurrent users.
AI Engine’s patented stream-based machine analytics technology provides real-time, automated analysis of contextualized machine and forensic data received from data processors. It supports a variety of automated analytic techniques, including machine learning, behavioral profiling, statistical analysis, whitelisting, and blacklisting. You can deploy multiple AI Engine nodes to support distributed analysis and workload scaling.
Platform Manager performs alarming, notifications, incident response orchestration, workflow automation and centralized administration for our platform. Platform Manager provides Web and application services, enabling centralized structured and unstructured search, forensic analytics, reporting and real-time dashboards. Platform Manager also delivers our open platform API to support third-party integrations.
Analytics modules are created and maintained by LogRhythm Labs to help our customers achieve rapid time-to-value. Modules include pre-packaged content like machine analytics rules, searches, reports and dashboards.
Improve your security posture with threat management modules such as User Threat Detection and Endpoint Threat Detection. Adhere to complex regulation systems with LogRhythm’s compliance automation modules, which support PCI, SOX, HIPAA, and more.