Log360, the one-stop solution for all your SIEM needs.

What is Log360?

Log360 is a comprehensive SIEM solution that detects threats trying to penetrate your network and nips them in the bud. Log360 makes sure you're covering all your bases by doing most of the work for you, including automating log management; auditing changes in your Active Directory (AD) environment; monitoring your Exchange servers, Exchange Online, Office 365, and public cloud setups; generating numerous audit reports; and raising alerts for critical events in real time. It gives you total visibility of your network by combining the capabilities of ManageEngine's five most powerful tools: ADAudit Plus, EventLog Analyzer, O365 Manager Plus, Exchange Reporter Plus, and Cloud Security Plus.

What can Log360 do for you?

 
ADAudit Plus

Real-time Active Directory change auditing solution.

EventLog Analyzer

Log management, analysis, and reporting solution.

O365 Manager Plus

Office 365 management, reporting, auditing, and alerting solution.

Exchange Reporter Plus

Exchange Server and Exchange Online reporting, auditing, and monitoring solution.

Cloud Security Plus

Public cloud infrastructure monitoring and reporting solution.


Application and network device auditing

In today's world, even small organizations have a fair number of network devices and applications installed. Imagine having to run from one network device to another to troubleshoot issues. Sounds like a nightmare, right? This is where Log360's auditing component can help. It can collect logs from all your network devices and applications, analyze them, and prepare reports based on the log data.

Forensic analysis

Have you ever tried sorting through logs to find those matching specific criteria, but soon realized that manually going through them was impossible due to the sheer volume of log data involved? Log360 has a search mechanism that can rapidly drill down through raw logs and retrieve results for your search query. Your search criteria can consist of wildcards, phrases, and Boolean operators.

Real-time event correlation

Often, a single event viewed on its own may seem completely normal, but when viewed next to other related incidents, it could indicate a potential threat to your network. Log360 has a powerful correlation engine that can put together different events occurring in your network in real time and determine whether any of them indicate a potential threat. Log360 has over twenty predefined rules to detect known attack patterns. And that's not all: the custom rule builder allows you to create your own correlation rules as well. The correlation engine is closely tied to the incident management module to effectively resolve security incidents and ensure accountability in the incident resolution process.

Privileged user monitoring

Employees with high network privileges going rogue is one of the last things you'd want, right? These incidents can be incredibly damaging if these malicious insiders choose to sabotage the organization's resources. To help organizations monitor the activities of their privileged users, Log360 has a privileged user activity monitoring module. It closely analyzes user activities and generates graphical reports, which can paint a clear picture of what your privileged users are up to.

AD change auditing

Most organizations control access to their critical resources using AD, meaning you need to keep a close eye on any changes made to AD. Log360's AD auditing module can simplify this task for you. It detects suspicious changes to AD environments such as changes to GPOs, OUs, security principals, ACLs, admin group memberships, and much more. You'll receive real-time notifications for these critical changes along with detailed reports on who did what, from where, and how.

Threat intelligence

Many organizations today would ideally like to know about network security threats around the world. Log360 uses an integrated threat intelligence platform to make this possible. The module includes a database containing global malicious IPs and a STIX/TAXII threat feed processor that regularly retrieves data from global threat feeds and keeps you updated. You also receive real-time alerts when malicious sources try to establish contact with your network.