CorreLog Correlation Server: Now Available for Public Download and Trial

Share Article

Announcing the public release of the CorreLog Server, a high-speed, real-time message aggregation and correlation server for security and log file management. CorreLog uses a variety of exclusive correlation techniques to interpret large numbers of messages received from Windows, UNIX, and other systems. Free 30-day evaluation copies of this software are now available from http://www.correlog.com.

CorreLog, Inc., announces the public release of its flagship product, the "CorreLog Server", which provides high-speed, real-time correlation of message data. Previously, this software has been available only to selected partners of the company. The complete CorreLog system is now accessible for general public download from http://www.correlog.com, for installation on Windows 2000, 2003, 2008, XP, and Vista platforms.

The CorreLog Server performs high speed, real-time correlation of syslog, SNMP trap, and Windows event log messages using a unique "semantic correlation" algorithm. The server then takes specific action on the correlated results, such as by opening trouble tickets, running notification programs, or executing recovery and reporting programs. This permits the system to operate as a stand-alone message aggregator, and also serve as the correlation component in a larger management strategy.

CorreLog uses a variety of exclusive correlation techniques that interpret large numbers of received messages. The software incorporates a high-speed, index-driven search engine as its front end, and employs Artificial Intelligence (AI) technology as a back end to derive meaning from massive amounts of real-time enterprise data. The interactive search engine permits fast searching of gigabytes of data. The correlation component reduces this enormous amount of data into brief and meaningful incidents.

Correlation of data, particularly with regard to security management, has been an ongoing challenge for organizations, especially in recent years, due to regulations such as Sarbanes-Oxley, PCI, FISMA and HIPAA, all of which have imposed rigorous new demands on IT departments. The CorreLog Server, with its advanced correlation techniques, is intended to satisfy those difficult requirements.

According to Jeff Davison, CTO of CorreLog, Inc: "Correlation is all about interoperability. First, you need to operate with all the critical hardware systems in your enterprise. We provide that in the CorreLog Server, which is an intuitive and standards-based framework. But once you've accomplished that, you quickly see there is a more significant issue, which is how to interoperate effectively with humans. You need to reveal patterns in vast amounts of data in a way that makes sense to people. That is the much bigger problem, and the one that CorreLog is uniquely designed to solve."

CorreLog achieves correlation by implementing event-threading algorithms, an alerting system that feeds data back into the system, and message triggers that look for context in message streams. It operates as a type of "recurrent neural network", with the ability to suggest thresholds and make recommendations regarding key configuration items.

The entire system installs quickly and comes pre-configured as a security monitor for Windows, UNIX, firewalls, and network hardware. CorreLog is web-based, ODBC database compliant, and has a comprehensive and extensible reporting facility, including the ability to publish reports using RSS.

CorreLog runs on all versions of Windows platforms ranging from Windows 2000, 2003, 2008 workstations and servers, as well XP and Vista. The CorreLog website, in addition to providing fully functional evaluation download packages, also provides various white papers that describe the system's unique correlation processes, including both overview and more detailed information.

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

George Faucher
Visit website