LogLogic Announces Log Management Is No Longer an Obscure Tool for the Tech Savvy

SAN JOSE, Calif. — April 7, 2009 — LogLogic®, The SANS Institute, the largest source for information security training and certification in the world, in conjunction with log management leader LogLogic® today announced the results of the fifth annual SANS Log Management Survey, which surveyed management and IT staff in a variety of industries—including finance, education, government, and telecommunications—in companies ranging from small- and mid-sized organizations (35%) to Global 200 enterprises (24%).

LogLogic has sponsored the SANS Survey every year since it began in 2005. The biggest trend revealed this year is that log management is no longer just an obscure tool for the tech-savvy. Use of log data has proliferated in recent years: in 2007 only 56% of the respondents collected logs, whereas in 2009 that figure has grown to 87%, with an additional 12% planning to implement log management. The collected logs are now being used for a variety of purposes, including: “event detection” (91% of respondents), “tracking suspicious behavior and user activity monitoring” (74%), “day-to-day IT operations” (67%), regulatory compliance (53%), and “information leak prevention” (28%).

“Over the past five years, we’ve seen organizations transition from not collecting logs at all, to using them everyday,” said Dominique Levin, EVP of Marketing and Strategy for LogLogic. “As log management has become ubiquitous and logs are demonstrating their value for multiple security and operations purposes, implementing an effective log management strategy has become a necessity of vital importance to organizations of all sizes.”

One of the emerging trends in logs is the integration of log management with Security Information Event Management (SIEM) and Database Activity Monitoring (DAM), with 81% of respondents indicating they believe integration with SIEM or DAM to be important. SIEM was more popular with 79% using or intending to use a SIEM product in conjunction with log management, while 22% are using or intend to use log management and DAM together.

Of SANS Survey respondents, those who were most satisfied with their log management systems had purchased third-party tools—rather than “homegrown” solutions. Survey responses indicate that simply collecting logs is not enough: in order to get the most out of the valuable data they contain, organizations must invest proactively in log analysis with a powerful log management appliance.

“This year’s survey demonstrates that log management continues to gain legitimacy as an important piece of security and operations on many levels,” said Deb Radcliff, Editor, SANS Analysts Program. “Organizations are taking lessons from publicized data breaches—for example, the recent FTC ruling against Geeks.com, where log management could have been used to detect the leakage of personally identifiable information.”

This week SANS will discuss the results of this report at the SANS WhatWorks 2009 Log Management & Analysis Summit in Washington, D.C., April 6 – 7, 2009. LogLogic customer, Pete Boergermann, Associate Vice President and MIS Technical Support Manager at Citizens & Northern Bank, will speak about his company’s approach to log management on April 7.

Read the SANS 2009 Log Management Market Report.

For more information about LogLogic, please visit loglogic.com.
Check out the LogBlog.