See how to optimize SIEM with syslog-ng HD

11.11.2015
From this short video you can learn how to improve the ROI of your SIEM with syslog-ng. Learn more at https://www.balabit.com/improve-your-siem-deployment-and-reduce-total-cost-ownership

Welcome, this video will show you how syslog-ng can optimize your Security Information and Event Management solution. Many organizations invest a lot of time and money in SIEM solutions. These solutions perform complex analysis on log data to identify security threats. But what happens if the log data feeding the SIEM is missing? What happens if the SIEM is overloaded by the amount of log data? Will your SIEM solution be able to detect security threats with incomplete data?

syslog-ng can help. It can reliably and securely collect data from a wide variety of sources, including servers, network and security devices, and applications. With support for more than 50 server platforms, syslog-ng can be deployed in large, complex IT environments, and its multi-threaded processing enables it to process hundreds of thousands of log messages per second from thousands of log sources. With this scalability, you can simplify and centralize your log collection and management with one tool in even the largest, most distributed networks.

syslog-ng securely transfers log messages by using TLS encryption, preventing access to sensitive data by third parties. syslog-ng ensures reliability with application-level acknowledgement. Using the Reliable Log Transfer Protocol, the syslog-ng server acknowledges the receipt of log messages to the syslog-ng client, ensuring no messages are lost.

syslog-ng enables you to filter out irrelevant messages, reducing the data load on your SIEM solution. You can also classify messages prior to forwarding them. Parsing and re-writing tools allow you to structure unstructured data, enabling you to forward data to your SIEM solution in a unified format. All log messages can be stored in compressed, encrypted binary files to ensure that the digital chain of custody is preserved.

These filtering, classification and parsing tools can significantly reduce the amount and complexity of data feeding your SIEM. With syslog-ng as the log management infrastructure feeding your SIEM solution, you can improve the performance and reduce the cost of your SIEM solution.
