Startup looks to make sense of logs

Startup LogLogic Inc. has officially launched an appliance to help network managers quickly retrieve data from multiple logs across their enterprise networks.

LogLogic, in Sunnyvale, Calif., says its appliance-based software can eliminate hours of searching through device logs to determine the source of a problem, find data needed for compliance purposes, or spot potential security attacks.

“Mining log data can be slow and expensive. It’s expensive to maintain scripts on homegrown servers to retrieve data,” says Dominique Levin, LogLogic vice-president of product management. “LogLogic automates the work and puts an emphasis on a fast search so that network managers can make use of that data in real time.”

LogLogic appliances come in a variety of flavours and sit in a data centre close to the log source, whether it be a firewall, router, server or other network-connected device that generates logs. The appliances can communicate with any device that uses the syslog protocol.

The box sends a distributed query to the devices it is configured to manage using Simple Object Access Protocol, or SOAP, and the devices send back an XML reply. The appliance can store up to two years of logs or connect to a network storage resource. The LogLogic LX appliances focus more on data capture and analysis for troubleshooting purposes, while the ST appliances perform more storage and compliance functions.

The value, Levin says, is in LogLogic’s MetaLog search capabilities, which enable users to search multiple logs from a variety of devices on an ad hoc basis.

“Users can perform specific searches, such as ‘Show a spike in outbound connections on this port,’ or they can aggregate and correlate search items,” she says. “They can get to this log data more quickly and make sense of it.”

LogLogic could compete with the likes of netForensics Inc. or Network Intelligence Corp., which also collect and correlate log data, but those companies focus primarily on security logs and devices. Levin says the majority of competition comes from homegrown scripts and manual tasks at large enterprise companies.

LogLogic’s LX and ST appliances are now available at varying prices beginning at US$20,000.
