• Exabeam
SIEM

The Logs You Need, Just How You Need Them.

Regardless of collection method, Exabeam Data Lake treats data the same. Data Lake collects data from anywhere, whether local, remote, or in the cloud; and provides an out-of-the-box, file-based collector and Windows event collector. Data Lake also collects data from devices communicating via the Cisco eStreamer protocol, database logs, cloud application logs (PaaS, IaaS, and SaaS), and from external Kafka sources. In addition, Data Lake accepts Syslogs that are sent to the Log Ingestor from third party SIEMs and from hundreds of third-party security applications.

Context-Aware Log Parsing and Presentation

Never comb through a sea of raw logs again. Data Lake provides thousands of log parsers that add context to logs as they are ingested. If a parser is not available out-of-the-box, security engineers can use the Exabeam Auto Parser Generator to create their own parsers simply and quickly. The enhanced log view in Data Lake highlights the relevant security information including the associated user and source IPs from VPN logs. A guided search feature assists analysts by auto-completing search requests, while the filtered search feature optimizes queries and exports granular log data to dashboards and reports.

Natural Language-Based Rule Builder

In modern security management solutions, threat detection is often performed through a combination of correlation rules and behavioral analysis. High-value correlation rules are useful for certain tasks, like detecting policy non-compliance. Data Lake leverages a rule building wizard, capable of converting natural language syntax into effective correlation rules, enabling even the most junior analyst to craft complex and effective rules.

Centralized Collector and Health Management

Data lakes are only as effective as the data they collect. Gathering data from many sources often means thousands of log collectors must be managed—a very time-consuming task. To save engineers time, Data Lake allows them to centrally manage log collectors by configuring, updating, starting, and stopping collectors in bulk through templates. Engineers can easily monitor the health of their entire deployment and be confident analysts have the data they need to identify security threats.

Prebuilt Compliance Reports

Out-of-the-box security content helps ensure that required security controls are implemented and operating as expected. Data Lake provides prebuilt reports for compliance regulations—including PCI-DSS, Sarbanes-Oxley, GDPR, NERC CIP, and others—to help you demonstrate compliance to auditors with peace of mind.

Other Products