Log Monitoring Service

System log files can provide a wealth of knowledge about successful or failed login attempts, changes to services, changes to a system, etc. In the context of security, they can be very useful in the auditing of servers or other systems on the network. For example, if a user attempted to brute force their way into a secure application server, you would never know unless that system were logging and someone was monitoring those logs. Another common cause of concern with logging is that most crackers that break into a system will delete or alter the log files to cover their tracks. If you are only logging locally, you cannot always trust the logs on the server or system that has been compromised.

Seeing this need and concern, we have created our Log Monitoring Service. With this service, we have the ability to capture the log files from log enabled systems and keep them in a central secure location. This enables us to monitor failed login attempts, user logon/logoff, or anything else deemed important for maintaining the security of a system and the network. If a system does become compromised and the log files are tampered with from that local system, we will still have access to the unaltered logs stored on our secure, central system. Some of the more important devices worth monitoring are:

Not only is monitoring these logs files important, storage of these log files can also be of utmost importance when pertaining to compliance regulations. HIPAA requires these log files be stored for several years to ensure that they can be accessed to assist security professionals or law enforcement while investigating a security incident. If requested, we can archive these files for extended periods of time.