
Log Collection and Analysis System

High-speed collection | Complete retention | Display upon query

Log Collection and Analysis System Overview

Topsec Log Collection and Analysis System (TA-L) is a new-generation system for managing massive volumes of logs, built on a non-relational data store. On top of a distributed, message-bus-based architecture, the system combines active and passive collection methods to gather logs from security devices, network equipment, servers and application systems continuously (7X24h), and then provides full-life-cycle management of those logs: collection, processing, storage, backup, query and statistics, compliance reporting and correlation analysis.

Advantages
Comprehensive log collection

The system collects logs of many types and from many manufacturers quickly and normalizes complex log formats, addressing the problems caused by large numbers of devices, scattered deployment and heterogeneous formats.

Ultimate storage and compression

Through efficient storage and compression, the system significantly reduces the disk space that logs occupy, meets log retention demands in big-data scenarios, and satisfies the retention provisions of the relevant policies and laws.

Ten-billion-level data display upon query

The system supports combined searches on arbitrary character strings. Multi-condition interactive searches over ten-billion-level data return results in less than 10s, and the results can be fed automatically into correlation analysis and further use, with a clear display of the occurrence time, access source, danger level and scope of impact of security incidents.

Visible multi-dimensional logs

With a built-in multi-dimensional online data analysis model, the system integrates several display models, including a global map, a national map, a topological graph and a timeline, and can analyze and display query results in real time, giving an intuitive view of the system's operating condition.

Fast alarm response

Using a multi-incident analysis and response strategy together with security incident rules based on status analysis, the system locates network-wide security incidents comprehensively, finds abnormal behavior quickly, and raises real-time alarms by email, short message (SMS), SNMP and other channels.

Intelligent correlation analysis

The system ships with a large number of preset security analysis scenarios and provides all-dimensional, cross-device, fine-grained, out-of-the-box correlation analysis.

Application
Scenario

In policy compliance applications, once TA-L is deployed in the user's network, the system automatically collects, analyzes and stores logs from the various devices and systems in that network, so that the network meets the applicable policy compliance requirements.

Issues Resolved
  • The system collects network-wide business logs automatically, solving the problems caused by the large number of devices and their dispersed distribution.
  • It also handles complex log formats, including the differing log structures and formats of different manufacturers and the difficulty of interpreting them.
  • It stores logs completely, solving the problem of large log volumes with no effective means of storage, and meets the requirement for 180-day storage.
Scenario

In large-scale log scenarios, the system is deployed in multiple levels. The superior audit center at the Headquarters cascades with the subordinate audit center of each directly subordinate unit. Data is stored in a distributed manner: each subordinate unit collects, analyzes, stores and manages its own data independently, and the Headquarters can query statistical data and log data as required.

Issues Resolved
  • Systems at every level provide all functions independently.
  • The superior management center can centrally review the log sources, logs, reports, warnings and other information of each subordinate unit, while the subordinate units carry out collection, analysis, storage and management independently.
  • Subordinate nodes can be arranged flexibly, meeting the need for system expansion in large-scale log environments.
Value to Customers
Full-life-cycle management of massive logs

The system helps customers improve their log management capability through unified management across the full life cycle, covering the collection of massive logs, data processing, data storage, statistical analysis, and data backup and recovery.

Meet compliance requirements

The system includes a variety of analysis scenarios based on equal protection, classified protection and other compliance requirements, giving customers technical support for compliance construction and enabling full compliance with those requirements.

Huge support for daily operation and maintenance

By collecting, storing, analyzing and compiling statistics on massive data, the system detects security incidents in the information system in a timely manner and relieves difficulties such as low labor efficiency and the complexity of managing massive data.