For the best web experience, please use IE11+, Chrome, Firefox, or Safari
Home / Rapid search and troubleshooting

Rapid search and troubleshooting

Whether you need to respond to a security incident, troubleshoot infrastructure issues, or debug applications, searching millions or billions of logs quickly is usually the first step. Having the right log data at the right time easily accessible is critical to your success. With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs.
syslog-ng Store Box, a turnkey appliance to manage your log data 02:59
Sign Up for Free Trial

Challenges

Difficulty accessing logs

With logs residing in different locations or on different systems, getting to the bottom of an incident becomes more difficult and takes more time.

Missing evidence

Piecing together what happened without all the information makes investigations more time-consuming and reduces confidence in the investigations conclusions.

Overwhelming amount of data

The sheer amount of log data to sift through in a forensic investigation can delay detection and resolution. Searching on extremely large amounts of data can take hours when you want the answer in seconds.

Unstructured data

Many companies struggle to make sense of log data that has varying formats and structures, sometimes for the same type of event.

Why syslog-ng?

Fast search

Even searching terabytes of data is quick and easy with the syslog-ng Store Box’s indexing engine and user interface.

Reliable log transfer

syslog-ng can ensure zero message loss during transport from clients to the central log server using TCP for transmission, the Reliable Log Transfer Protocol (RLTP™) for application acknowledgement, a client-side disk buffer, and client-side failover for network outages.

Distributed pre-processing

syslog-ng can filter, parse, re-write, enrich and classify data on clients at unparalleled speeds to reduce the size and complexity of log data stored centrally.

Tamper-proof transfer and storage

syslog-ng uses SSL/TLS encryption to transfer logs and store them in an encrypted, compressed and time-stamped log store.

Benefits

Faster times to resolution

Being able to segment and search mountains of log data allows for faster root cause analysis and remediation.

Higher quality data

Tamper proof, secure logs in their raw format provide legally admissible evidence.

Improved confidence in your investigation

Being certain that logs aren’t missing or haven’t been tampered with increases the confidence in the results of your investigation.