McAfee Enterprise Log Manager automates log management and analysis for all log types, including Windows Event logs, Database logs, Application logs, and Syslogs. Logs are signed and validated, ensuring authenticity and integrity — a necessity for regulatory compliance. Out-of-the-box compliance rule sets and reports make it simple to prove your organization is in compliance and policies are being enforced.
Using this tightly integrated log collection, management, and analysis environment will both strengthen your security profile and dramatically improve your ability to comply with over 240 standards, such as PCI DSS, HIPAA/HITECH, NERC-CIP, FISMA, GLBA, and SOX.
Intelligent log management — Enterprise Log Manager collects logs intelligently, storing the right logs for compliance, and parsing and analyzing those logs for security. You can retain logs in their original format for as long as you require for specific compliance needs. Since we do not alter the original log files, McAfee supports chain of custody and non-repudiation efforts.
Integrated with Enterprise Security Manager — Enterprise Log Manager is an optional, integrated part of McAfee Enterprise Security Manager. While Enterprise Log Manager stores the logs, they can be deeply parsed, normalized, and analyzed by Enterprise Security Manager. Log information is immediately available for real-time security investigations and incident response.
Features & Benefits
Meet compliance log retention requirements
Collect, sign, and store any log type in its original format for as long as you require to support your specific compliance needs.
Adapt storage and retention to each log source
Use easily customizable storage pools to ensure that your logs are stored correctly and for the right amount of time.
Analyze and search logs conveniently and appropriately
Differentiate logs stored for compliance from logs to be parsed and analyzed for security.
Store logs locally or via a managed SAN
Choose the best storage option for your needs — with up to 7.5 TB of usable HDD storage on the appliances, and optional fiber channel cards for high-speed SAN storage.
Integrate log management with situational awareness
Get one-click access to original log files and even the specific log record from any point in the event management process.
Leverage use cases
Provide log management and retention capabilities to support advanced use cases, including:
- Establishing and automating compliant data/log retention
- Establishing non-repudiation of evidence
- Establishing an audit trail for administrator activity
- Establishing an audit trail for user account activity and changes
- Establishing automated reporting