Banking/Financial Services/Insurance

BOCI-Prudential Trustee Limited achieves cost-efficient and effective log management with EventLog Analyzer

BOCI-Prudential Trustee Limited

About BOCI-Prudential Trustee Limited

BOCI-Prudential Trustee Limited (BOCPT) is a joint venture established by BOC Group Trustee Company Limited and Prudential Corporation Holdings Limited ("Prudential"). BOC Group Trustee Company Limited operates under BOC International Holdings Limited ("BOCI") and Bank of China (Hong Kong) Limited ("BOC(HK)"), both subsidiaries of Bank of China Limited. The organization provides comprehensive MPF services with a focus on personalized and professional customer care.

  • Employee size: 201-500 employees
  • Country: Hong Kong/China
  • Industry: Banking/Financial Services/Insurance

Business challenges:

Handling Large Log Volumes Efficiently: BOCPT needed a solution that could manage a high volume of logs effectively. Their previous SIEM solution had expensive licensing costs, making it difficult to scale log management without incurring significant expenses.

The problem

Before switching to EventLog Analyzer, BOCPT faced operational challenges due to high SIEM costs and the complexity of managing large volumes of logs. Their previous solution, LogRhythm, was expensive and did not provide the flexibility needed for their IT environment. Joseph Li, IT Manager at BOCPT, explained,

"We had a large volume of logs to handle, but our existing (LogRhythm) SIEM license was too costly. We needed a more reasonable licensing scheme to address this issue."

Additionally, log consolidation and monitoring were inefficient, making it difficult to track security incidents effectively. The company required a centralized logging solution that could automate alerting and security monitoring while remaining affordable and scalable.

The Solution

BOCPT's IT team replaced their LogRhythm license with ManageEngine EventLog Analyzer, which helped consolidate and streamline log management and security monitoring. Reflecting on the solution's unique benefit, Li noted that "EventLog Analyzer has a reasonable licensing scheme to tackle the issue." The company centralized logs into two servers, separating Windows and non-Windows environments. This arrangement allowed for easier monitoring while maintaining system efficiency.

“EventLog Analyzer consolidates all logs from our environment into two servers, separated by Windows and non-Windows. Alerts are built to notify relevant engineers,” said Liu. The alerting system was particularly beneficial, allowing different teams to receive notifications through multiple channels, ensuring quick responses to security events.

EventLog Analyzer’s dashboard provided a quick and simple overview of security events, though Liu noted that loading times could be improved. While the team had not fully explored reporting capabilities due to resource constraints, they appreciated the out-of-the-box correlation rules, which helped detect critical security scenarios.

Additionally, the customizable alert profiles allowed BOCPT to define their own security monitoring criteria. “There are some out-of-the-box profiles that we use, but we also defined our own. The interface is easy to use, and notifications can be sent through different channels to the right teams,” Liu added.

BOCPT rated EventLog Analyzer an 8/10 and would recommend it as a cost-effective log management and security solution. “It has all the basic features that a SIEM product should carry,” Liu stated.

About EventLog Analyzer

EventLog Analyzer is complete log management software that provides holistic cybersecurity. It collects, analyzes and manages log data from over 700 log sources. With real-time security auditing capabilities, it's easier to monitor critical changes in all your end-user devices. EventLog Analyzer offers instant threat detection to uncover security threats using event correlation and threat feed analysis, and instant mitigation using automated workflows. For more information about EventLog Analyzer, visit manageengine.com/products/eventlog/.

Log360 is a unified SIEM solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates, and responds to security threats. It combines threat intelligence, machine learning-based anomaly detection, and rule-based attack detection techniques to detect sophisticated attacks, and offers an incident management console for effectively remediating detected threats. Log360 provides holistic security visibility across on-premises, cloud, and hybrid networks with its intuitive and advanced security analytics and monitoring capabilities.


2022 Zoho Corporation Pvt. Ltd. All rights reserved.