QRadar Log Manager is a comprehensive solution for organizations that are looking to implement a distributed event log manager to collect, archive, and analyze network and security event logs.
Log management has emerged as a required part of an organization's ability to deliver security best practices and meet specific auditing and reporting requirements of various government regulations, including:
QRadar Log Manager provides numerous advantages over other log management solutions, including:
The QRadar Log Manager appliance is an enterprise-class event log manager appliance that combines ease of deployment with a robust and scalable log management solution. QRadar Log Manager leverages QRadar's core correlation capabilities to provide best-in-class compliance and policy-driven analysis and alerting, as well as unparalleled ease of use for monitoring log activity in real time and historically. In addition, QRadar Log Manager can be upgraded to full SIEM capabilities for enhanced workflow through a simple license key, leveraging your existing appliance investments.
The QRadar Log Manager architecture supports an easy-to-deploy, scalable model through the use of Processor Appliances, such as the QRadar 1605 and QRadar 1624, that provide 6.5 or 16 terabytes of dedicated secure storage for logs and perform real-time correlation of logs at up to 20,000 events per second.
The Event Collector provides continuous event logging capabilities when network connectivity is unreliable or temporarily compromised due to bandwidth constraints, or when many remote, distributed locations require monitoring. Event Collectors simply collect event logs and forward them to an event processor or all-in-one appliance for correlation, analysis and long-term storage. Also designed to collect event logs in distributed locations with relatively low event volumes (such as retail stores and bank branches), they provide a more economical approach than deploying many event processors. Events can even be forwarded according to a defined schedule, providing even greater control. Event Collector appliances are available in both hardware and software configurations under the 15XX family designation.
With more data under surveillance and more advanced analytic techniques than any security intelligence solution on the market, QRadar detects threats that others miss, providing unparalleled visibility into network and application activity that others cannot.
QRadar uniquely correlates information from security logs, network flow analysis, the application layer, IAM solutions, user activity and asset-based vulnerability management and assessment in one comprehensive solution.
Simple to deploy and manage, QRadar automates security and network device discovery as well as policy functions. QRadar's appliance-based architecture and embedded database remove the crushing complexity and costs that cripple the deployment and ongoing support of traditional SIEM and log management solutions.