The StoneGate log browser is a tool for quickly finding relevant information in a vast amount of logs. This kind of information is needed for troubleshooting, detecting intruders, recovering from an incident, and providing evidence of an attack.
StoneGate provides detailed and easy-to-manage views of security events. From a log entry the administrator can, for example, directly open the corresponding rule in the security policy. The log browser contains statistical information on filtered log entries, which allows the user to see the traffic peaks of the security system.
Typically, larger StoneGate installations use multiple log servers which are located near the actual devices providing the log entries. This allows the StoneGate log system to scale well to large environments and minimizes unnecessary log transfers over the Internet. Log information from all of these distributed log servers is collected and displayed in a single log browser, which makes it faster to find relevant information when, for example, investigating an incident, regardless of which StoneGate security engine has created the information.
As incident management teams often need to communicate the details to other groups, such as a forensics team, log entries can be exported to XML, CSV or PDF format for easy sharing.
The Log Query panel provides easy and efficient tools for accurately retrieving necessary data.
In addition to filtering the log records table, the administrator can easily create statistics diagrams based on log data.