LogLogic Accelerates Windows Event Collection

Version 4 of Open Source Windows Event Collector Released, Project Lasso Downloads Top 10,000 Mark

(August 2, 2007) - LogLogic™, the log management leader, today released version 4 of Project Lasso, an Open Source Microsoft Windows event collector. IT event logs from Windows-based systems and applications provide a fingerprint of user and systems activity that is critical to security, compliance and effective IT operations. LogLogic and Project Lasso allow that fingerprint to be captured and securely warehoused, then reported and alerted on, transforming it into actionable intelligence. Project Lasso 4.0 debuts dozens of new features including a 20x improvement in start-up performance and more control over how logs and Dynamic Link Libraries (DLLs) are processed.

Project Lasso has been downloaded more than 10,000 times since its launch in 2006, driven by mandates such as PCI, SOX and FISMA that require enterprises to collect, review and store log data. Project Lasso can be used for collecting Windows events and sending them to Syslog servers, as well as with LogLogic's industry-leading log management and intelligence platform. When used with LogLogic 4, Windows events can be alerted and reported on in real time, securely stored, and easily shared with other applications and dashboards.

"Windows-based events underpin dozens of IT tasks performed on a daily basis - from troubleshooting email, investigating security incidents, to optimizing IT infrastructure," said Dominique Levin, vice president, product management, LogLogic. "Issues ranging from the need for improved customer responsiveness through better information protection and user activity monitoring have moved Windows event logging from a mundane IT task to the foundation of good compliance, security and IT operations."

Key new features include:

  • Significantly improved startup performance, by up to 20x, and more control over the details of event collection and DLL collection.
  • Shared DLL Repository eases log collection from remote hosts and makes it much more practical to do periodic manual collection of DLLs.
  • Command line invocation enables Project Lasso to implement periodic manual collection of DLLs instead of enabling DLL access for the Project Lasso User Name.
  • Project Lasso Shares enable DLL collection without using Administrative Shares, thus allowing DLL collection in sites where the Administrative Shares have been disabled, and without giving administrative privileges to the Project Lasso User Name.
  • Completely automated, scripted install in "agent" mode, enhanced by a custom lasso.ini file that allows configuration of features not otherwise addressed in the InstallShield dialogues. Installation with Startup Type set to "Automatic" makes it unnecessary to manually configure the Service after installation.
  • Significantly enhanced trace and field debug capability, including a new "Access Report" that details success or failure for each target host for each phase of DLL and event collection.

Project Lasso collects all log data from Windows hosts without the need for any agents or code installed on the remote system - this speeds up deployment and reduces administration, leading to a much higher ROI. Windows DLL files contain critical information relating to the log messages themselves. LogLogic has cracked the code on remote collection by combining the log data and the DLL information to produce actionable information in a format that allows it to be more rapidly searched and reported against.

LogLogic customers using Project Lasso in conjunction with LogLogic's Log Management Data Warehouse can combine Windows, Active Directory, Microsoft SQL, Exchange, IIS and ISA information with all the other platforms and applications (including custom or homegrown) within their enterprises.

For the first time, large enterprises have the ability to track a user or IP address (on a global basis) from the time a connection is made (internally or externally) to every system and application that is then accessed. This end-to-end user activity monitoring and reporting from a single interface is proving invaluable to large enterprises needing to meet governance, risk and compliance requirements.

Project Lasso is available for free as a download from http://www.loglogic.com/logforge/

LogLogic is a registered trademark of LogLogic Inc. Other names may be trademarks of their respective owners.

About LogLogic

LogLogic® is a visionary leader in log management for business operations, security and compliance for the most demanding global enterprises as well as mid-market companies. The LogLogic family of LX-ST and MX appliances addresses the compliance, operations and risk mitigation needs for collecting, storing, reporting and alerting on 100 percent of IT log data from virtually any device, operating system or application. LogLogic's innovations include creating the world's first search engine for fast-moving IT log data, the first open log management platform and API, and Compliance Suites for PCI, SOX, HIPAA, and other mandates that automate using log data to enforce critical controls and regulations. LogLogic received four and a half stars out of five from SC Magazine's forensic tools review in 2008 and was named a Deloitte Technology Fast 50 Rising Star in 2007. For more information, visit www.loglogic.com and http://blog.loglogic.com.

LogLogic disclaims any interest in the trademarks of others.

Posted August 2, 2007 01:10 AM