Log Intelligence Solution for Security Analytics
Logs are often called the heartbeat of the modern enterprise. They explain why an event occurred, whereas metrics and traces, the domain of observability tooling, show what happened and where. The old paradigm saw the rise of index-based SIEM (Security Information and Event Management) architectures from vendors such as Splunk, Elastic and IBM QRadar.
The modern security paradigm instead calls for Security Analytics: a combination of tools that use real-time and historical data to identify, protect against and troubleshoot security events, ideally before they become incidents.
The CloudFabrix and MinIO Log Intelligence solution is built for this Security Analytics paradigm. A full-fidelity copy of the logs is kept in a high-performance, low-cost, secured Observability Data Lake (MinIO S3 buckets), while a second copy is enriched, correlated and then streamed to the SIEM or Security Analytics platform of your choice. Only actionable data is ingested into the security platform, which significantly reduces TCO and improves mean time to identify (MTTI) and mean time to resolve (MTTR).
CloudFabrix also provides low-code, bot-based composable search that can filter and query log data in place, whether it sits at the edge, in the observability data lake or in a time-series database, using a uniform bot-based query language.
The joint solution supports the following use cases:
- Log Ingestion to the Observability Data Lake
- Log Reduction, Routing and Replay from the Observability Data Lake
- Log Enrichment and PII Masking
- Edge/IoT In-place Search
- Log Predictive Analytics
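The two-path architecture described above, as an added example that is not CloudFabrix or MinIO code: every raw line is written unchanged to an hour-partitioned object store (the `ObjectLake` class is an in-memory stand-in for a MinIO bucket with the same key layout), while a second path drops noise, pseudonymizes emails with a keyed hash, masks card numbers and enriches what remains before it would be forwarded to a SIEM. The sample log lines, the `NOISE_V1`/`NOISE_V2` reduction policies, the `ENRICH` rules and `PSEUDONYM_KEY` are all constructed for the example. Because the lake copy is complete, the `replay` function re-runs the reduced path with a tighter policy without asking any log source to resend.

```python
# Added example (not CloudFabrix/MinIO code): full-fidelity lake copy plus a
# reduced, masked, enriched copy for the SIEM, with replay from the lake.
import hashlib
import hmac
import re
from collections import defaultdict

# Constructed, syslog-like sample lines with RFC 3339 timestamps; not real data.
RAW_LOGS = [
    "2024-05-01T10:00:01Z web01 nginx: GET /healthz 200 from 10.0.0.5",
    "2024-05-01T10:00:02Z web01 nginx: GET /healthz 200 from 10.0.0.5",
    "2024-05-01T10:00:03Z auth01 sshd: Failed password for root from 198.51.100.7 port 50222",
    "2024-05-01T10:00:04Z app01 api: alice@example.com updated billing card 4111 1111 1111 1111",
    "2024-05-01T10:00:05Z auth01 sshd: Accepted publickey for deploy from 10.0.0.9 port 40010",
    "2024-05-01T10:00:06Z web01 nginx: GET /healthz 200 from 10.0.0.5",
]

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<prog>[^:]+): (?P<msg>.*)$")
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,15}\d\b")  # 13-16 digits, optional separators
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Placeholder key; in practice a per-tenant secret that is rotated. A keyed hash
# (not a bare sha256) stops anyone rebuilding the emails from a dictionary.
PSEUDONYM_KEY = b"example-key-rotate-per-tenant"

# Illustrative reduction policies: a line matching any pattern never reaches the SIEM.
NOISE_V1 = [re.compile(r"GET /healthz 200")]
NOISE_V2 = NOISE_V1 + [re.compile(r"Accepted publickey .* from 10\.")]  # tighter policy

# Illustrative enrichment: (pattern, event_type, severity); first match wins.
ENRICH = [
    (re.compile(r"Failed password"), "auth_failure", "high"),
    (re.compile(r"Accepted (?:publickey|password)"), "auth_success", "low"),
    (re.compile(r"billing card"), "payment_update", "medium"),
]


class ObjectLake:
    """In-memory bucket (key -> bytes). A real deployment would call put_object,
    list_objects and get_object on MinIO using the same key layout."""

    def __init__(self):
        self.objects = {}

    def put(self, key, body):
        self.objects[key] = body

    def list(self, prefix):
        return sorted(k for k in self.objects if k.startswith(prefix))

    def get(self, key):
        return self.objects[key]


def ingest_raw(lake, lines):
    """Path 1: write every line unchanged, one object per hour partition.
    The object name is a content hash, so re-ingesting a batch is idempotent."""
    batches = defaultdict(list)
    for line in lines:
        ts = line.split(" ", 1)[0]
        batches[f"raw/{ts[0:4]}/{ts[5:7]}/{ts[8:10]}/{ts[11:13]}/"].append(line)
    keys = []
    for prefix, batch in batches.items():
        body = ("\n".join(batch) + "\n").encode()
        key = prefix + hashlib.sha256(body).hexdigest()[:16] + ".log"
        lake.put(key, body)
        keys.append(key)
    return keys


def _pseudonymize_email(m):
    local, domain = m.group().rsplit("@", 1)
    tag = hmac.new(PSEUDONYM_KEY, local.lower().encode(), hashlib.sha256).hexdigest()[:12]
    return f"{tag}@{domain}"  # same sender -> same tag, so correlation still works


def mask_pii(text):
    text = EMAIL_RE.sub(_pseudonymize_email, text)
    return CARD_RE.sub(lambda m: "****" + re.sub(r"\D", "", m.group())[-4:], text)


def reduce_and_enrich(lines, noise):
    """Path 2: drop noise, mask PII, add the fields an analyst pivots on."""
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or any(n.search(m["msg"]) for n in noise):
            continue
        msg = mask_pii(m["msg"])
        event = {"ts": m["ts"], "host": m["host"], "program": m["prog"], "msg": msg,
                 "event_type": "other", "severity": "info"}
        for pat, etype, sev in ENRICH:
            if pat.search(msg):
                event["event_type"], event["severity"] = etype, sev
                break
        ip = IP_RE.search(msg)
        if ip:
            event["src_ip"] = ip.group()
        events.append(event)
    return events


def replay(lake, prefix, noise):
    """Re-run path 2 over raw objects already in the lake, e.g. after a rule
    change or for an incident window the SIEM never received."""
    lines = []
    for key in lake.list(prefix):
        lines.extend(lake.get(key).decode().splitlines())
    return reduce_and_enrich(lines, noise)


if __name__ == "__main__":
    lake = ObjectLake()
    print("lake objects:", ingest_raw(lake, RAW_LOGS))
    events = reduce_and_enrich(RAW_LOGS, NOISE_V1)
    print(f"{len(RAW_LOGS)} raw lines -> {len(events)} SIEM events under v1 rules:", *events, sep="\n")
    print("replay under v2 rules ->", len(replay(lake, "raw/2024/05/01/", NOISE_V2)), "events")
```

Two design points worth noting: the noise filter runs on the raw message but enrichment runs on the masked one, so a rule that keys on a literal email address would have to be written against the pseudonym; and the email pseudonym keeps the domain and hashes only the local part, which lets an analyst still group events by the same sender or organization without ever holding the address in the SIEM.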
Customer benefits include:
- Faster time to insight and action – the right data is discovered, searched and visualized, then presented either as composable decision boards or as alert notifications.
- Reduced complexity and cost – of collecting, moving, indexing, storing and then searching the data, all of which drive up TCO.
- No more data silos – Low Code / No Code bots invoke a universal query language that can search in place at the edge, across an observability data lake, any time-series database, or search tools such as Splunk, Elastic and others, all at the same time, and aggregate the results.
- Ease of use – Low Code / No Code bots make search accessible to any citizen developer. Users can create search pipelines with RDA Studio, the RDA Pipeline Builder or simply with CLI commands.
- Works with any data type – leverages the patent-pending Robotic Data Automation Fabric platform, which enables data integration and ingestion, filtering and transformation on datasets, dataframes, dependency mappings, service tickets, persistent streams and more, using Low Code / No Code bots.
Shailesh Manjrekar, Chief Marketing Officer
Jonathan Symonds, Chief Marketing Officer