|
|
1. What is Log360?
Log360 is a comprehensive SIEM solution that integrates log management and AD auditing components into a single dashboard. With this web-based solution you can,
Manage log data: Collect, monitor, analyze, correlate, and archive log data from sources across the network.
Monitor privileged users: Track all activities including logon and logoff activities of privileged users. Get detailed session monitoring reports as well.
Comply to IT mandates: Be 100% compliant to various regulatory mandates including PCI DSS, HIPAA, FISMA, GLBA, ISO 27001, SOX, and more.
Audit AD in real-time: Audit all critical changes to Active Directory objects and get notified via email or SMS in real-time.
Protect confidential data: Monitor and track critical changes including creation, deletion, modification, and more happening to sensitive information on files/folders.
Track GPO and OU changes: Audit critical changes to your AD GPOs and OUs in real-time and get instant alerts.
Perform database auditing: Monitor all database activities, database server logons and logoffs, database server account changes, and more.
2. I have already deployed ADAudit Plus in my environment. Why should I get Log360 now?
Your ADAudit Plus deployment would've simplified your Active Directory monitoring and auditing challenges. However, when it comes to securing the entire organization's network, you need a complimentary solution that can manage, monitor, and audit other aspects of your network.
You need to go for Log360 as it brings both ADAudit Plus and the comprehensive log management solution viz., EventLog Analyzer together in a single console.
The EventLog Analyzer component complements the functionality of ADAudit Plus and also helps you to continuously monitor the entire network including network devices, Linux/Unix servers, IBM AS400 servers, applications, databases, Hyper Vs, and cloud environments such as Amazon AWS EC2 instances.
3. I have already deployed EventLog Analyzer in my environment. Why should I get Log360 now?
Your EventLog Analyzer deployment would've simplified your log management and compliance challenges. However, when it comes to SIEM, you need in-depth auditing of the Identity Access and Management (IAM) suite so as to mitigate internal security threats.
You need to go for Log360 as it brings both EventLog Analyzer and the real-time Active Directory auditing, monitoring, and alerting solution viz., ADAudit Plus together in a single console.
The ADAudit Plus component, complements the functionality of EventLog Analyzer and in addition to that provides detailed reports and real-time alerts that help in monitoring and auditing critical changes to Active Directory environment, track user behavior, auditing file servers and more.
4. What are the requirements that are needed for installing Log360?
Hardware requirements
| Hardware | Minimum requirements | Recommended System |
| Processor | Dual Core | 8+ Core |
| RAM | 4 GB | 8+ GB |
| Disk Space | 40 GB | Depends on the log flow rate |
Software requirements
ManageEngine Log360 supports the following Microsoft Windows operating system versions:
Supported Browsers
ManageEngine Log360 requires one of the following browsers to be installed on the system to access the Log360 web client.
5. Can I access Log360 over internet?
Yes. Once Log360 has been deployed and started, the web client can be accessed from anywhere.
6. Do I need any prerequisite software to be installed before using Log360?
No, Log360 does not require any prerequisite software to be installed.
1. How is Log360 licensed?
Log360 is licensed based on the number of devices that you add for monitoring. The solution has two components viz.,
Log360 license is based on both the number of devices that you need to monitor and the number of servers that you wish to audit.
2.If I had bought member server license in ADAudit Plus component, will I be able to monitor the same server in EventLog Analyzer component too? Or do I need to get the separate license ?
When you buy the auditing license for member server in ADAudit Plus component, you will be able to monitor the same server in EventLog Analyzer component too.
The member servers added for auditing will be automatically synchronized with EventLog Analyzer without any additional license.
3. If I choose not to buy auditing component of Log360, can I do so? Will the log management component function alone?
Yes. You can choose to disintegrate any of the components from Log360. To remove any of the components,
1. What are synced hosts?
Any device or server added in one of the components of Log360 will be automatically synchronized with the other component. Such devices or servers are termed as synced hosts.
For instance, when you add a member server in ADAudit Plus component of Log360, the server will be automatically synchronized with EventLog Analyzer components as well. In this case, that particular member server is a synced host.
2. I'm running Log360. However, I haven't purchased auditing component yet. Now I want to try it out. How do I purchase and integrate it with Log360?
Once you have Log360 in place, at any point of time you can purchase and integrate the ADAudit Plus component to audit the servers.
All you need to do is, get the corresponding license of ADAudit Plus by contacting us. Once you have purchased the license, follow the below steps:
The ADAudit Plus component will now be integrated.
3. How do I synchronize ADAudit Plus hosts with that of EventLog Analyzer?
All the hosts between ADAudit Plus and EventLog Analyzer will be automatically synchronized everyday at 12.00am. In case need to sync the host manually, follow the below steps
The hosts will now be integrated automatically.
1. Can I remove any one of the components alone from Log360? Will the solution be still functional?
Yes. At any point of time, you can remove any one of the components from Log360. To do so, follow the below steps:
2. How do I uninstall Log360?
To uninstall Log360, follow the below steps:
|
|
| Copyright © 2023, ZOHO Corp. All Rights Reserved. |