The ActiveWatch GIAC experts augment your existing IT team to shift the burden of 24x7 monitoring, ensuring rapid detection and response to incidents.
Alert Logic provides the key elements to identify network threats so you can respond quickly:
People: Highly trained GIAC security experts monitor, analyze, and alert you to incidents 24x7.
Real-Time Network Monitoring: We collect and monitor real-time activity in your network and computing environment.
ActiveWatch™ combines a cloud-based intrusion detection system (IDS) and vulnerability assessment solution - delivered as a service - that works in any datacenter environment, from on-premises to the cloud.
To perform deeper analyses on these events, especially in relation to other events across your installations that might not be monitored by Halo, you may wish to integrate these Halo events into whatever log-management, log-analysis or SIEM solutions your organization uses, as described next.
If your organization already uses log-management, log-analysis or SIEM tools such as Splunk, Sumo Logic, ArcSight, or RSA enVision, you can leverage their power by integrating Halo log-based intrusion detection with them.
Like other Halo policies, it consists of rules that are applied to an object being scanned on a server.
In this case, each rule includes (1) the path to the log file to scan, (2) the event message or ID to look for (specified with a search pattern), and (3) whether to send a Halo alert when this event is detected.
When enabled and configured, this module detects selected important events that are recorded in any number of system or application log files on any of your servers.