McAfee Enterprise Log Manager

Reduce compliance costs with automated log collection, storage, and management

McAfee Enterprise Log Manager collects, compresses, signs, and stores all original events with a clear audit trail of activity that can’t be repudiated.

  • Universal event log collection and retention meets compliance requirements.
  • Flexible storage and retention appropriate to each log source.
  • Supports chain of custody and forensics.
  • Provides event log management, analysis, and search functions.
  • Stores logs locally or via a managed storage area network.
  • Fully integrated with McAfee Enterprise Security Manager.
  • Flexible, hybrid delivery options include physical and virtual appliances.

Automate event log management and analysis

Intelligent event log management

McAfee Enterprise Log Manager collects logs intelligently, storing the right logs for compliance, and parsing and analyzing the right logs for security.

Meet compliance log retention requirements

Collect, sign, and store any log type in its original format to support specific compliance needs. Unaltered original log files support chain of custody and non-repudiation efforts.

Store logs locally or via a managed SAN

Customizable storage pools ensure logs are stored correctly, for the right amount of time. Choose from flexible storage options, including HDD appliance storage, and optional DAS and SAN storage.

Rich context for analysis

McAfee Enterprise Log Manager is an optional, integrated component of McAfee Enterprise Security Manager. Together, they provide context to every log, delivering critical information for security investigations and incident response.




System Requirements

McAfee Enterprise Log Manager can be deployed as a physical or virtual appliance. Specific McAfee Enterprise Log Manager models require McAfee Enterprise Security Manager (ESM) and McAfee Event Receiver (ERC). McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

| Model Numbers | Maximum EPS | Appliance Size | Local Storage | Network Interfaces (10/100/1000) | System Requirements |
|---|---|---|---|---|---|
| ELM-VM-8 | 1,500 | VM | Recommended 250GB | VM | (AWS, ESX, KVM) 8 processor cores, 4GB of memory |
| ELM-VM-12 | 30,000 | VM | Recommended 500GB+240GB SSD | VM | (AWS, ESX, KVM) 12 processor cores, 64GB of memory |
| ELM-VM-32 | 70,000 | VM | Recommended 2TB+480GB SSD | VM | (AWS, ESX, KVM) 32 processor cores, 96GB of memory |
| ELM-4600 | 48,000 | 2U | 1.8TB | 2 | Requires ESM and ERC |
| ELM-5600 | 60,000 | 2U | 8TB + 240GB SSD | 2 | Requires ESM and ERC |
| ELM-6000 | 90,000 | 2U | 14TB + 240GB SSD | 2 | Requires ESM and ERC |

Related Products

McAfee Enterprise Security Manager, the core product in our SIEM portfolio, seamlessly integrates with our other SIEM solutions, offering deeper insights in data management, advanced correlation, dedicated database and application monitoring, as well as McAfee Global Threat Intelligence.

McAfee Enterprise Security Manager

McAfee Enterprise Security Manager delivers a real-time understanding of the world outside—threat data, reputation feeds, and vulnerability status—as well as a view of the systems, data, risks, and activities inside your enterprise.

As the foundation of our security information and event management (SIEM) solution, McAfee Enterprise Security Manager delivers the performance, actionable intelligence, and real-time situational awareness required for organizations to identify, understand, and respond to stealthy threats, while the embedded compliance framework simplifies compliance.
 
McAfee Advanced Correlation Engine

Deploy McAfee Advanced Correlation Engine with McAfee Enterprise Security Manager to identify and score threat events in real time using both rule- and risk-based logic. You tell McAfee Advanced Correlation Engine what you value—users or groups, applications, specific servers, or subnets—and it will alert you if the asset is threatened.

McAfee Application Data Monitor

Advance security and compliance beyond log management by monitoring all the way to the application layer to detect fraud, data loss, and advanced threats. This SIEM tool supports accurate analysis of real application use, while enforcing policies and detecting malicious, covert traffic.

McAfee Database Event Monitor for SIEM

Get a complete audit trail of all database activities, including queries, results, authentication activity, and privilege escalations, widening your visibility into who’s accessing your data and why.

McAfee Event Receiver

Collect up to tens of thousands of events per second with a single receiver, and use a highly indexed database to quickly retrieve data and analysis.

McAfee Enterprise Log Manager

Reduce compliance costs with automated log collection, storage, and management. Collect, compress, sign, and store all original events with a clear audit trail of activity that can’t be repudiated.

McAfee Global Threat Intelligence for Enterprise Security Manager

Enhance your SIEM deployment with a constantly updated threat intelligence feed that broadens situational awareness by enabling rapid discovery of events involving communications with suspicious or malicious IPs.
