Logs are essential for threat protection, intrusion discovery, incident response, forensics, litigation support, and regulatory compliance; they also monitor and enforce internal policies and procedures and measure IT performance. They’re invaluable to IT staff when troubleshooting network, system, and application issues, as well as for getting a handle on big data. The whitepaper, Build vs. Buy: Pros and Cons of Four Log Management Strategies, examines considerations for choosing a log management solution for your organization.
Log Management Strategies
What is the best way to collect, store, manage, analyze, and report on your log data? There are several choices:
- Build a solution, possibly using open-source components or off-shore resources.
- Outsource log collection and management to a log management service provider.
- Buy an appliance or software solution from a vendor.
- Combine two of these options.
Let’s look at one strategy that small to mid-size companies might choose:
Build It
Pros – You can attempt to build exactly the solution you need, with the platform, tools, and methods you prefer, and aside from labor, there’s no up-front monetary cost. Lower -cost offshore resources can make this work. And IT professionals may even relish the challenge of creating a solution and tackling the log beast.
Cons – Maintenance costs (due to an ever-changing sea of log formats), log types, and log sources can grow to overwhelming proportions—and the project often ends up killed. Because the solution is highly specialized, you will need highly competent staff to add, change, or repair it. Further, homegrown solutions are usually not scalable, so as the company grows and more data floods the network, changes, updates, and more frequent overhauls become necessary, leading to even more labor and maintenance costs. During updates and overhauls, downtime can occur and cost you even more time and money.
But if you do decide to build a log management solution, the whitepaper provides a number of open-source tools that perform some of the essential functions. Download Build vs. Buy: Pros and Cons of Four Log Management Strategies.
