In this paper we will discuss what events and logs are, when you should care about them, why you should care about them, and the sort of features (at a high level) that you should be looking for in potential solutions. We will also briefly discuss the state of the market for log and event management platforms, as this is somewhat confused at present. Note that we use the word ‘platforms’ advisedly: our view is that you should be able to collect and analyse all relevant data once, in a single place, which will support the (re)viewing of this information multiple times across the organisation, depending on the use case in question, as opposed to the siloed, separated, piecemeal approach that characterises the approach of many organisations to log and event management, resulting in duplicated technology and effort. We will discuss this further as we proceed. Finally, we will take a brief look at how one vendor, SenSage, addresses the issues raised in this paper.
To download this paper you must be logged in.