Log data is a record of all the transactions and information that goes through your networks. Companies generate enormous amounts of log data every day.

 

SolarWinds Log & Event Manager (LEM) collects, stores, and normalizes log data from a variety of sources and displays that data in an easy to use desktop or web console for monitoring, searching, and active response. Data is also available for scheduled and ad hoc reporting from both the LEM Console and standalone LEM Reports console.

 

Mistake number 1 - Not monitoring your collected logs until you have a major incident

You’ve installed your new LEM software. Your job is done, right? Nope, sorry, but someone has to monitor the collected logs so they learn if there were any events and also to proactively learn when there may be another similar event. Use LEM Reports to view or schedule fixed reports for compliance purposes to:

    • Produce compliance reports
    • View reports based on specific regulatory compliance initiatives
    • Provide proof that you are auditing log and event data to auditors
    • Schedule formatted reports for LEM Reports to run and export automatically

 

Also, your organization may have to look at logs for auditing purposes. HIPAA regulations require medical organizations to establish an audit process. Ensuring data security is vital in business, most especially in any business that stores and transmits cardholder data. Any company with access to cardholder must ensure that they are in compliance with the standards set by the Payment Card Industry Data Security Standard (PCI-DSS). If a company is found to be non-compliant, they may face large fines and even have their credit card processing abilities restricted.

 

I’ll discuss other mistakes commonly made when new to LEM in future blog posts.