|
Novell Sentinel Log Manager provides high event-rate processing, long-term data retention, regional data aggregation, and simple searching and reporting functionality for a broad range of applications and devices. Novell Sentinel Log Manager collects data from a wide variety of devices, including intrusion detection systems, firewall, operating systems, routers, Web servers, databases, switches, mainframes, and antivirus event sources.
Easy Installation and Rapid Deployment
Novell Sentinel Log Manager is easy to install and deploy, in order to perform data collection, storage, reporting, and searching of log data. It includes an all-in-one installation of the Sentinel Log Manager server, Web server, reporting server, and configuration database.
Data Collection
Novell Sentinel Log Manager is capable of collecting and managing data from a wide variety of event sources. Novell Sentinel Log Manager collects data from event sources that generate logs to Syslog, Windows Event Log, File, Database, SNMP, Novell Audit, SDEE, Check Point OPSEC, and other storage mechanisms and protocols.
Novell Sentinel Log Manager also contains enhanced Web based user interface support for Syslog and Novell Audit connectivity to make it even easier to start collecting logs from event sources that use these protocols. When you log in to Log Manager, you can direct the logs to Log Manager, start running reports, and perform a search.
Data Storage and Management
Novell Sentinel Log Manager stores all the log data in a compressed format on the file system. Data can be archived locally or on a remotely mounted CIFS or NFS share. Administrators can set up data retention policies to configure the system to keep some data for a longer time period and other data for a shorter time period. A cryptographic hash (SHA-256) is computed for event and raw data to ensure data integrity. The raw data hash can be verified in the Sentinel Log Manager Web interface.
Reporting and Searching
Novell Sentinel Log Manager performs full text searches across all event data or focused searches against particular event fields such as source username. These searches can be further refined, saved for future review, or filtered and formatted by applying a report template to the results.
Sentinel Log Manager ships with over 160 preinstalled reports and also has the ability to upload additional reports. These reports can be scheduled or run ad hoc. Searches and reports run against both active and archived data.
|
