立即与支持人员聊天
与支持团队交流

syslog-ng Store Box 7.0.4 LTS - User Guide

Preface

Welcome to the syslog-ng Store Box 7.0.4 LTS User Guide.

This document describes how to use the syslog-ng Store Box (SSB). Background information for the technology and concepts used by the product are also discussed.

Target audience and prerequisites

This guide is intended for auditors, consultants, and security experts responsible for auditing, monitoring, and troubleshooting applications and server administration processes. It is also useful for IT decision makers looking for a tool to improve the security and auditability of their servers, or to help compliance with the Sarbanes-Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), Basel II, or the Payment Card Industry (PCI) standard.

Introduction

This chapter introduces the syslog-ng Store Box (SSB), discussing how and why it is useful, and what benefits it offers to an existing IT infrastructure.

NOTE: Due to complexity of deployment, configuration, and design, you may require assistance from One Identity Professional Services while introducing new or additional:

  • sources

  • destinations

  • log paths

  • significant increases in log volume.

One Identity Professional Services is equipped and trained to evaluate the needs of any organization, and to provide configuration and architectural recommendations that help our users get the most out of any SSB version.

One Identity Professional Services offer assistance in planning and scoping for current needs, as well as recommendations for the future to ensure success.

What SSB is

syslog-ng Store Box (SSB) is a device that collects, processes, stores, monitors, and manages log messages. It is a central log server appliance that can receive system (syslog and eventlog) log messages and Simple Network Management Protocol (SNMP) messages from your network devices and computers, store them in a trusted and signed logstore, automatically archive and back up the messages, and also classify the messages using artificial ignorance.

The most notable features of SSB are as follows:

  • Secure log collection using Transport Layer Security (TLS).

  • Trusted, encrypted, and time stamped storage.

  • Ability to collect log messages from a wide range of platforms, including Linux, Unix, BSD, Sun Solaris, HP-UX, IBM AIX, IBM System i, as well as Microsoft Windows.

  • Forwards messages to log analyzing engines.

  • Classifies messages using customizable pattern databases for real-time log monitoring, alerting, and artificial ignorance.

  • High Availability (HA) support to ensure continuous log collection in business-critical environments.

  • Real-time log monitoring and alerting.

  • Retrieves group memberships of the administrators and users from a Lightweight Directory Access Protocol (LDAP) database.

  • Strict, yet easily customizable access control to grant users access only to selected log messages.

  • Ability to search log data in multiple logspaces, whether on the same SSB applicance or located on a different appliance, even in a remote location.

SSB is configured and managed from any modern web browser that supports HTTPS connections, JavaScript, and cookies.

Supported browsers:
  • Mozilla Firefox ESR

We also test SSB on the following, unsupported browsers: Microsoft Edge, Google Chrome. The features of SSB are available and usable on these browsers as well, but the user experience may be different from the supported browsers.

NOTE: SSB does not support, and it is generally discouraged to use, Internet Explorer (IE) 11 since Microsoft has ended its support on June 15, 2022.

自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级