PRO+ Premium Content/Information Security magazine

November 2007

SIEM market, log management tools need a standardized log format

Raise the Standard(s)! SIEM vendors champion solutions to a mishmash of log formats.

Security information and event management (SIEM) and log management tools are bedeviled by the absence of a standard log format. Consequently, vendors have to build some sort of connector to each supported device, application or OS, usually starting with those generating the most business, such as Cisco Systems and Check Point Software Technologies firewalls, then adding connectors for others customers demand most. The problem has grown as SIEM products and their requirements evolve from "a better IDS than IDS" for detecting and alerting on possible network security events, to compliance-driven tools for user tracking, auditing and reporting.

"Six or seven years ago, SIEM was focused around the perimeter threat," says Ansh Patnaik, ArcSight senior product manager. "Now, compliance is exploding; there's more logging from more sources, and we're going higher up the stack into applications--in many cases, proprietary applications." So advanced SIEM...
