A web-based real-time event log aggregation, analysis, monitoring and management system.
A log is a record of events occurring within an organisation's systems and networks. These events are generated by many sources, including security software, operating systems, networking equipment and applications.
The number, volume and variety of logs increase greatly as the IT environment grows, making it harder to spot log entries that require administrative attention.
Log management is an approach to dealing with large volumes of computer-generated log messages (also known as audit records, audit trails, event-logs, etc.) and covers log collection, centralized aggregation, long-term retention, log analysis as well as log search, correlation and reporting.
Consistent analysis of logs is beneficial for identifying security incidents, policy violations, fraudulent activity and operational problems.
Working with Echofish
Echofish provides administrators with a single view for centralised monitoring & proactive management of syslog events, through an intuitive user interface.
Through detailed reports, statistics, alerting and notifications, Echofish is able to deliver new levels of visibility and insight for the IT department and the business.
Admins can create whitelist filters so that events that don't require any sort of administrative attention (e.g. messages that are just the audit trail of normal operations) are silently archived. This process leaves behind a unique and customized view of syslog events, consisting of irregular entries (e.g. anomalies, errors, malfunctions, configuration errors, unusual activities, etc).
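The whitelist pass described above, as an added example that is not Echofish's own code: it parses RFC 3164 style syslog lines, archives those that match a rule and leaves the rest for review. The rule format (host glob, program glob, message regex) and the sample lines are assumptions constructed for illustration.

```python
import re
from fnmatch import fnmatchcase

# RFC 3164 style: "<PRI>Mmm dd hh:mm:ss host program[pid]: message"
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<program>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)

# Hypothetical rules: (host glob, program glob, message regex).
WHITELIST = [
    ("*", "CRON", r"^\(\w+\) CMD \("),
    ("web-*", "sshd", r"^Accepted publickey for deploy from 10\.0\.0\.\d+ "),
]

def parse(line):
    """Return the event as a dict, or None if the line is not well formed."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    ev = m.groupdict()
    pri = int(ev.pop("pri"))
    ev["facility"], ev["severity"] = pri >> 3, pri & 7  # PRI = facility*8 + severity
    return ev

def is_whitelisted(ev, rules=WHITELIST):
    # All three parts of a rule must match; a broad rule on one field alone
    # would hide events the operator never meant to silence.
    return any(
        fnmatchcase(ev["host"], host) and fnmatchcase(ev["program"], prog)
        and re.search(pattern, ev["msg"])
        for host, prog, pattern in rules
    )

def triage(lines, rules=WHITELIST):
    """Split lines into (archived, review). Unparseable lines go to review."""
    archived, review = [], []
    for line in lines:
        ev = parse(line)
        if ev is None:
            review.append({"raw": line, "reason": "unparseable"})
        else:
            (archived if is_whitelisted(ev, rules) else review).append(ev)
    return archived, review

SAMPLE = [  # constructed log lines
    "<78>Mar  3 04:00:01 db-1 CRON[2211]: (root) CMD (/usr/local/bin/backup.sh)",
    "<86>Mar  3 04:02:17 web-2 sshd[911]: Accepted publickey for deploy from 10.0.0.5 port 50022 ssh2",
    "<86>Mar  3 04:02:40 web-2 sshd[915]: Accepted password for root from 203.0.113.7 port 41812 ssh2",
    "<27>Mar  3 04:03:02 db-1 mysqld[1402]: InnoDB: Unable to lock ./ibdata1, error: 11",
    "garbage line without priority",
]
```

Calling `triage(SAMPLE)` archives the cron job and the expected deploy login, and leaves the password login for root, the database error and the malformed line in the review list.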
Echofish is built around the premises that:
- daily operators need to have a clear view of activities on the IT infrastructure.
- within the large volume of syslog messages, certain events need to be addressed.
- events that are known to be good (whitelisted) should not clutter the sysadmins' view.
- a unified store of all important events enables correlation of events from different hosts and applications.
- certain events require further processing to enable alerts and automated actions on other systems.
Proper management of server logs is essential to ensuring early problem detection and response. By filtering out the "noise", Echofish can help you in creating a proactive environment capable of spotting and controlling problems before they even come up.