System Logs: A Sea of Opportunity

redborder Vault will collect, enrich, correlate and store logs securely and in a highly scalable way. It is valuable both on its own and together with the other Apps.
Vault, Big Data technology for your logs

This is a new era in log management. Use storage to benefit from the knowledge that you were just throwing away. This paradigm shift is made possible by using inexpensive scale-out storage.

redborder Vault will collect, enrich, correlate, and store logs in a highly scalable, secure, and intelligent way such that the data is valuable both on its own and in cooperation with the other Apps. Vault is our syslog server.

Metadata extraction

Log processing is a complex semantic task. While the syslog standard is defined, the contents of each log message are very vendor-specific. redborder Vault will extract as much metadata as is present in the log to normalize it for uniform understanding and processing.

Enrichment

Logs will be much more valuable and understandable when enriched with intelligence feeds. This is a key element in the redborder platform, as we always enrich the data. Vault will use our reputation feeds as well as other information gathered in the system to enrich the logs.

Correlation

Extend the decision-making capabilities of redborder by applying your business logic to a sequence of events to trigger new events or alarms. Search for specific event conditions, sequences of events in a time window, computed limits, etc., to mimic your logic.

Storage

redborder combines metadata storage in Druid's OLAP engine for screaming fast interactive analysis with Hadoop raw storage for unaltered and secured evidence analysis. All logs are timestamped and hashed so they can serve as evidence if needed.

Most important features of Vault App

Anomaly detection
On-premise
Event Management
Contextualization
Dashboards and reports
Centralized configuration
Storage
Enrichment
Correlation
Metadata extraction

IPS App

Managing SNORT* events is not new to open source. What makes us unique is the blend of Security & Network Analytics.

Network Visibility App

Just point your traffic probes to redborder and start gathering knowledge about your network. If you need more power, the Enterprise edition lets you plug a new server into the cluster. redborder is the only horizontally scalable Open Source NetFlow v9/IPFIX collector.

Social App

The redborder Social App allows you to gather information of interest to you and your clients through Twitter usage.

Malware App

By using multiple malware detection engines and reputation services, redborder goes beyond file analysis to detect malware.

Vault App

redborder Vault will collect, enrich, correlate and store logs securely and in a highly scalable way. It is valuable both on its own and together with the other Apps.