
SIEM market, log management tools need a standardized log format

Published: 22 Oct 2012

Raise the Standard(s)!

SIEM vendors champion solutions to a mishmash of log formats.

Security information and event management (SIEM) and log management tools are bedeviled by the absence of a standard log format. Consequently, vendors have to build some sort of connector to each supported device, application or OS, usually starting with those generating the most business, such as Cisco Systems and Check Point Software Technologies firewalls, then adding connectors for the others that customers demand most.

The problem has grown as SIEM products and their requirements evolve from "a better IDS than IDS" for detecting and alerting on possible network security events to compliance-driven tools for user tracking, auditing and reporting. "Six or seven years ago, SIEM was focused around the perimeter threat," says Ansh Patnaik, ArcSight senior product manager. "Now, compliance is exploding; there's more logging from more sources, and we're going higher up the stack into applications--in many cases, proprietary applications." So advanced SIEM tools need to support myriad ...
