ONE IDENTITY
SYSLOG-NG STORE BOX

High performance, enterprise-class log management appliance

syslog-ng Store Box™ (SSB) is a high performance, high reliability log management appliance that builds on the strengths of syslog-ng Premium Edition. With SSB, you can collect and index log data, perform complex searches, secure sensitive information with granular access policies, generate reports to demonstrate compliance, and forward log data to 3rd party analysis tools.

Key features

Search and report

With full-text search, you can search through billions of logs in seconds via the web-based user interface. Wildcards and Boolean operators allow you to perform complex searches and drill down on the results.

Store and forward

You can store large amounts of log data, create automated retention policies, and back up data to remote servers.

Secure log data

Log data frequently contains sensitive information. SSB can store log data in encrypted, compressed, and time-stamped binary files, restricting access to authorized personnel only.

Use cases

BIG DATA INGESTION

Many big data projects run into the 80/20 rule: 80% of resources are spent getting data into their analytic tools and only 20% on analyzing the data. syslog-ng can deliver data from a wide variety of sources to Hadoop, Elasticsearch, MongoDB, and Kafka, as well as many others.

UNIVERSAL LOG COLLECTION AND ROUTING

Organizations using multiple analytic tools and storage solutions often use multiple log management tools. syslog-ng flexibly routes log data from X sources to Y destinations. Instead of deploying multiple agents, organizations can unify their log data collection and management.

RAPID SEARCH AND TROUBLESHOOTING

Whether you need to respond to a security incident, troubleshoot infrastructure issues, or debug applications, searching billions of logs quickly is usually the first step. Having the right log data at the right time easily accessible is critical to your success. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs.

OPTIMIZING SIEM

Security Information and Event Management (SIEM) solutions form the core of many enterprises’ IT security strategy, but they can be expensive to deploy and maintain. syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM.

SECURE DATA ARCHIVE

Log data often contains sensitive information – Personally Identifiable Information (PII), user activity, transactions, and more. SSB provides automated archiving, tamper-proof encrypted storage and granular access controls to protect log data. You can securely manage and archive your log data for the long term. The largest appliance can store up to 10 TB of raw logs.

MEETING COMPLIANCE REQUIREMENTS

IT departments increasingly find themselves spending ever more resources on compliance as laws, regulations and industry standards mandate increasing security awareness and the protection of sensitive data. SSB provides secure, tamper-proof storage and custom reporting to demonstrate compliance.

Features

SEARCH AND REPORT

With full-text search, you can search through billions of logs in seconds via the web-based user interface. Wildcards and Boolean operators allow you to perform complex searches and drill down on the results. Users can easily create customized reports to demonstrate compliance with standards and regulations such as PCI-DSS, ISO 27001, SOX and HIPAA.

STORE AND FORWARD

You can store large amounts of log data, create automated retention policies, and back up data to remote servers. The largest appliance can store up to 10 terabytes of uncompressed data. You can also forward logs to third-party analysis tools or fetch data from syslog-ng Store Box via its REST API.

SECURE LOG DATA

SSB can store log data in encrypted, compressed, and time-stamped binary files, restricting access to authorized personnel only. Authentication, Authorization and Accounting settings can restrict access to the SSB configuration and stored logs based on user group privileges and can be integrated with LDAP and RADIUS databases.

COLLECT AND INDEX

The syslog-ng Store Box’s indexing engine is optimized for performance. One SSB can collect and index up to 100,000 messages per second for sustained periods. When deployed in a client-relay configuration, a single SSB can collect logs from tens of thousands of log sources.

ONE IDENTITY
SYSLOG-NG PREMIUM EDITION

Enterprise class log management software

syslog-ng Premium Edition delivers the log data critical to understanding what is happening in your IT environment. Whether it's user activity, performance metrics, network traffic or any other type of log data, syslog-ng can collect and centralize it. You can remove data silos and gain full-stack visibility of your IT environment.

Features

SECURE TRANSFER AND STORAGE

Using local disk buffering, client-side failover and application layer acknowledgement, syslog-ng can transfer logs with zero message loss. Encrypted transfer and storage ensure logs cannot be tampered with, preserving the digital chain of custody.

SCALABLE ARCHITECTURE

One syslog-ng server can collect more than half a million log messages per second from more than 5,000 log source hosts. When deployed in a client relay configuration, a single syslog-ng log server can collect logs from tens of thousands of log sources.

REAL TIME TRANSFORMATION

With powerful filtering, parsing, re-writing and classification options, syslog-ng can transform logs on remote hosts, reducing the amount and complexity of log data forwarded to analytic tools and thereby reducing their TCO. The flexible configuration language allows you to construct complex log processing systems with simple rules.

FLEXIBLE LOG ROUTING

syslog-ng can be deployed as an agent on a wide variety of hosts and flexibly route logs to multiple analytic tools or databases. Tested binary files for the syslog-ng Premium Edition are available for more than 50 server platforms, reducing the time required for installation and maintenance.