Log Management

Logging is an integral part of IT infrastructure management and process. Logs are generated from Routers, Switches, firewalls, IDS/IPS, Servers, Databases, and Web Servers across the IT infrastructure. They can be a generic live status of the end system or a detailed log of the running processes.

Log Management, a part of Infraon Infinity, helps in real-time analysis that can be used for security, compliance, audit, and IT operations.

Log Management enables reacting to anomalies based on log events and patterns, which play a crucial role in application troubleshooting, business analytics, marketing insights, resource management, and regulatory compliance.

Access Control

This guide is intended only for Infraon Infinity operators/users with access based on selected roles and privileges assigned by the administrator.

Access depends on the type of license purchased by the portal operator.

Note: The administrator drafted this document after accessing all the operator/user portal modules.

Administrators are responsible for adding or editing user roles and privileges to manage logs. Similar to other modules, specific roles will be configured for the Log Management module. The log management system will update These roles and permissions to ensure appropriate access control.

Users can log in with the assigned credentials and perform tasks within the Log Management module based on their privileges and permissions. Access to various features within the module will depend on the Roles and Privileges the administrator enables. (Click here to view the guide on how to add or edit users with specific roles and permissions.)

How does it work?

Log management collects, stores, analyses, and monitors log data generated by systems, applications, and services within an IT infrastructure. This module will log assets uploaded to our system.

This module enables users to access network device logs via the Syslog server. For Windows-specific logs, utilize the Winlog beat server. To collect Linux logs, employ the file beat server.

Logs will be saved in the elastic database, and log stash can be used as a pipeline to dump data into it.

Log Management will fetch data from the elastic database and show it in the Infraon interface based on configuration.

Monitoring, documenting, and analyzing system events are crucial to security intelligence (SI). Regarding compliance, regulations such as PCI have specific mandates relating to audit logs.

Log management software automates many of the processes involved. For example, an event log manager (ELM) tracks organizational IT infrastructure changes. These changes are reflected in audit trails that must be produced for a compliance audit.

Log Management Sub-modules:

Log Multi-Index: Create and manage the multi-indexes that help retrieve data from Elasticsearch.

Log Search: Provide options to quickly search and filter the logs and get information about the field's structure.

Log Stream: Provide a way to visualize and analyze log data in real-time.

Export Configs: Export Configs define how logs are exported, including format, size, and download of the generated log files.

Let’s see each one in detail:

PreviousTrap Configuration NextLog Multi-Index

Last updated 7 months ago

Was this helpful?