Log Intelligence
Reduce Noisy IT Logs/Events. Cut your SIEM Costs.
Log Intelligence now available on AWS Marketplace
cfxcloud Log Intelligence Splunk and SIEM Preprocessor
Problem Statement
The Ever Increasing Log Volume
CISO / VP Cloud / Enterprise Architects
Business impact - Limited predictive intelligence
Growth of Industry Spending on Data Related Costs - Yet 50+%
Splunk / ElasticSearch Admins
Increasing SIEM costs. Increasing total cost of ownership (TCO)
Data Growth - 463 Exabytes/Day by 2025
ITOps / SREOps / DevSecOps
Increasing noise in logs/events. Operational complexity
Percent of Data Analyzed so far - Only 30%
Solution
Meet Log Intelligence
With Log Intelligence you can reduce the noise in your IT/logs events without losing context or the essence of events. Log Intelligence sits in between your enterprise IT logs/events and your SIEM tools (like Splunk, QRadar, Exabeam etc.) and lets you intelligently reduce noise using a combination of AI/ML models and configurable rules using data bots and pipelines.
- Data Reduction
- Data Enrichment
- Data Replay
- Data Analytics & Observability
Take back control of your Business and IT
Dynamic and real time AIOps Observability Pipelines
Featured Integrations
Log Intelligence integrates with popular enterprise log/event collectors, firewalls, IPS/IDS devices, security devices and with Datalake, analytics, SIEM, SOAR, XDR platforms
Log Data Reduction
Intelligently Reduce log/event volume using AI/ML bots and low-code pipelines
- Reduce TCO by up to 50%
- Reduce SIEM costs by up to 40%
- Improve MTTI / MTTR by 60% and derive actionable insights
- More...
Log Data Enrichment
Add context to log/event data before it hits SIEM.
- Perform DNS lookup
- Perform Geo IP lookup
- Get App/Service context CMDB
- Detect Asset Lifecycle Events using vendor integrations
- More...
Log Data Replay
Multiple destinations for archival, compliance and replay
- Full logs routed to S3 bucket for archival and compliance
- Only selective logs to SIEM, reducing costs by up to 40%
- Replay from full logs to SIEM on-demand
- More...
Log Data Analytics & Observability
- Establish trends, understand patterns
- Monitor and alert on data changes
- Configurable alerting
- Intelligent alerting with AI/ML
- More...
Log Intelligence Service Benefits
Log Ingestion
- Bring your own log tool (BYOL)
- Ingest data in pull/push/batch modes
Log Reduction & Replay
- Up to 40-80% log volume reduction using correlation techniques
- Replay using UTC timestamps, IP addresses, and certain patterns, to your choice of stream
Log Routing
- Aggregate logs, normalize, transform, enrich
- Route to multiple locations - data lakes, log stores, analytics platforms, composable dashboards
Log Enrichment, PII Masking
- Enrich logs using Geo-IP or DNS looksups from InfoBlox, CVE MITTRE and TIP feeds
- PII Mask sensitive information
Edge IoT, In-place search
- In-Place Search, Collect and store only actionable data as a full-fidelity copy in Observability Data Lake
- Replay on security breaches and compliance needs
Log Predictive Analytics
- Convert logs into metrics and use a number of regression AI/ML models for anomaly detection
Features
| Functionality | Freemium | Standard | Enterprise |
| Event Gateway | |||
| Centralized Management | |||
| Batch Collection and Replay | |||
| Encryption and Masking | |||
| Enrichment | |||
| Filtering ( whole event and fields) | |||
| Parsing and Reshaping | |||
| Aggregation ( Logs to Metrics) | |||
| Sampling and Dynamic sampling | |||
| Data Volume | Upto 1 TB/day | Upto 5 TB/day | Unlimited |
| Worker nodes | 10 | 50 | Unlimited |
| Routes to Destination | Unlimited | Unlimited | Unlimited |
| Sites | 1 | 1 | 1 |
| Support | Slack Community | 8x5 | 24/x7 |
| External Auth ( LDAP and OpenID, Auth0) | |||
| RBAC | |||
| Versioning | |||
| Compression | |||
| Edge to Core data fabric | |||
| Analytics dashboards customizable with Service Blueprint | |||
| Low code platform | |||
| Data Governance ( audit, centralized registration, encrypted credentials) | |||
| Any K8s | |||
| cfxEdge | 100 nodes | Unlimited |
Pricing
| cfxCloud Annual | On-Prem Standard | On Prem Enterprise | cfxCloud - Standard | cfxCloud Enterprise |
| Upto 1 TB | $19,200 | Contact for Pricing | Contact for Pricing | Contact for Pricing |
| Upto 2 TB | $27,000 | Contact for Pricing | Contact for Pricing | Contact for Pricing |
| Upto 5 TB | $54,000 | Contact for Pricing | Contact for Pricing | Contact for Pricing |
| cfxCloud Monthly | ||||
| Upto 1 TB | $1,600 | $5,000 | $3,042 | $7,604 |
| Up to 2 TB | $2,250 | $6,250 | $4,867 | $10,950 |
| Upto 5 TB | $4,500 | $7,000 | $9,125 | $21,292 |
| cfxCloud - $/GB | ||||
| Upto 1 TB | $0.05 | $0.16 | $0.10 | $0.25 |
| Upto 2 TB | $0.04 | $0.10 | $0.08 | $0.18 |
| Upto 5 TB | $0.03 | $0.05 | $0.06 | $0.14 |