Log Management & Information Mining

IT operations and IT security monitoring are crucial parts of IT services. Advanced technologies provide many options and powerful tools to collect and analyze events from IT services. A wide range of open solutions makes it possible to build effective, inexpensive solutions for efficient mining of log and event data.

Zettabytes of data created worldwide 2010 – 2025*

There are more and more digital services in our everyday lives; we are more and more dependent on them and share more and more information about ourselves with the growing digital world. We will never prevent IT HW failures, SW bugs, security weaknesses, human errors and attacks. IT & IS departments should:

  • React quickly to operational or security incidents
  • Store audit trails and business journals
  • Comply with regulations
  • Protect sensitive information
  • Provide data and tools for business data analysis

We strongly believe that it is possible, and that it makes sense, to combine IT operations and security with business needs. Data that today are usually collected by operations monitoring tools may also be important from the security perspective, and may also contain information that is interesting for the business. We also have experience with getting information about system health from SIEM tools, etc.

Not the Systems, But the Information Is Important

The goal of our Log Management and Data Mining services is not to sell software or to build a system, but to make the information hidden in your IT environment accessible and visible to you. For us, technology is just a means of digging out the information you need or can profit from; compliance and security are just a side effect. We are not tied to a single technology or vendor. Every customer is special and every use case is unique. Each time, we search for the optimal solution, and if the tools we have experience with do not fit the need perfectly, we look for another solution to make the result perfect.

Sample of Technologies We Are Used to Working With

Log management

Open Source HIDS

IBM QRadar

Elastic Stack

RSA NetWitness SIEM

Three Steps to Get the Information

Gather Data

We can help you identify the most interesting or most important events, and design and build a mechanism for collecting and securely storing them, with a focus on not being overloaded with noisy data.

Mine Information

Logs and events have many different formats and contain different types of information. With our experience, we can efficiently prepare the collected data for further use by users from business, security or operations areas.

Be Informed

Based on a deep understanding of the users' needs, we can prepare dashboards, reports or alerts from which users can get the information they need, gain more context, or be notified about crucial and critical events.

Size Does Not Matter

It can be small, or it can be a robust and complex solution.

Our preferred approach is to start with a small use case that does not need plenty of resources and time to build, and then grow slowly, with a focus on getting the information rather than collecting tons of data or building giant systems. We created a simple SIEM service for monitoring home IT infrastructure running on single-board HW, but we also created a reporting tool for a national lottery with hundreds of thousands of players.

Key Added Value

We have experience with designing, operating and auditing IT & IS operations monitoring services and business data analysis. We are not focused on one technology; we choose the tool or set of tools that best fits the specific customer's needs and company culture. Our preferred way is to start from scratch with small, free and open solutions that are naturally transformed over time into more robust and sophisticated solutions as the business grows. Our goal is not to enable some technology or help with periodic daily tasks. Our goal is to:

  • collect logs and mine the information that is crucial for the business
  • make it possible to see them from different points of view
  • implement a simple and clear concept for collecting, normalizing and presenting logs and events
  • provide the best user experience
  • and much more…