LogLogic’s LX 2000 is an excellent log analysis tool. It is powerful, can be distributed, and is a mature and useful product. But it is not for the faint-hearted. While its user interface is excellent, it has many hidden capabilities that require some time to understand.
We wanted to feed the product our log test set, but found that challenging since the LX 2000 is intended to analyse logs in near real-time. While it is quite capable of batch analysis, it takes an effort to import the logs for analysis, although once imported, analysis is intuitive and the user has a large variety of options. Some of these depend on the type of log, and the LX 2000 offers, for every type of log, an immediately available chart that specifies which analysis features that log type supports.
The LX 2000 is as feature-rich as anyone could wish. Its displays are straightforward and one can perform a wide variety of analyses with relative ease. Coupled with the ST 3000 large-scale storage appliance, the LX 2000 becomes an extremely powerful tool for managing, analysing and archiving huge amounts of data.
Documentation comes as a set of PDF files on a CD. The manuals are clear and comprehensive, with all the detail needed for most tasks. Specialised tasks need to be referred to LogLogic support, and we found support for the LX 2000 to be first rate.
It doesn’t come cheap, although given the high-end environment for which it is intended, we feel the price is reasonable.
A product such as the LX 2000, as well as being an important network forensic analysis tool, is a key ingredient in managing the overall security of networks of all sizes. The LX 2000 alone is suitable for small to mid-sized enterprises, while the addition of other LogLogic family products allows scaling to virtually any size.