Integris Log Aggregation helps you index and store syslogs and/or Windows event logs from any location on your network, and transfers those logs to the cloud for retention. This service is critical for clients in regulated industries – we mitigate risk and provide the necessary data to track technology changes in the event of a breach or lawsuit.
Our Log Aggregation Service Works In Two Ways:
- First, all Windows devices that have one of our remote management agents installed will send all Windows event logs to Integris’s log aggregation server over a secured TCP connection. Then, they will be processed and stored.
- Second, for syslog messages, a lightweight syslog server is installed inside your network. It will be given a static IP address and will listen for syslog messages on port 514 (TCP and UDP). As messages are received, they are temporarily stored, queued, and sent in batches to Integris’s log aggregation servers via HTTPS.
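The relay behaviour described in the second item can be sketched as follows. This is an added example, not Integris's code: it shows why the TCP side of port 514 needs message framing (a UDP datagram is already one message) and how records could be queued into batches. The JSON batch format, the limits, and all names are assumptions, and the HTTPS upload itself is left to the caller.

```python
import json
import re

# Constructed sample: one LF-framed message, one octet-counted, one partial.
SAMPLE_STREAM = b"<34>Oct 11 22:14:15 fw1 su: failed\n16 <13>host app: hi<165>par"

def split_tcp_stream(buf: bytes):
    """Split TCP bytes into syslog frames (RFC 6587); return (messages, leftover)."""
    msgs = []
    while buf:
        m = re.match(rb"(\d+) ", buf)
        if m:  # octet counting: "<length> <message>"
            start, end = m.end(), m.end() + int(m.group(1))
            if len(buf) < end:
                break  # frame incomplete, keep bytes until more arrive
            msgs.append(buf[start:end])
            buf = buf[end:]
        else:  # non-transparent framing: each message ends with LF
            line, sep, rest = buf.partition(b"\n")
            if not sep:
                break  # no terminator yet, keep the partial message
            if line:
                msgs.append(line)
            buf = rest
    return msgs, buf

def parse_record(raw: bytes, transport: str) -> dict:
    """Decode one message and split its PRI into facility and severity."""
    text = raw.decode("utf-8", errors="replace").rstrip("\r\n")
    m = re.match(r"<(\d{1,3})>", text)
    pri = int(m.group(1)) if m and int(m.group(1)) <= 191 else None
    return {"transport": transport,
            "facility": None if pri is None else pri >> 3,
            "severity": None if pri is None else pri & 7,
            "message": text}

class Batcher:
    """Queue records; hand back a JSON body when size or age limit is hit."""
    def __init__(self, max_records=100, max_age=5.0):  # assumed limits
        self.max_records, self.max_age = max_records, max_age
        self.queue, self.oldest = [], None

    def add(self, record: dict, now: float):
        if not self.queue:
            self.oldest = now
        self.queue.append(record)
        if len(self.queue) >= self.max_records or now - self.oldest >= self.max_age:
            body, self.queue = json.dumps(self.queue), []
            return body  # caller would POST this over HTTPS
        return None
```

The leftover bytes returned by `split_tcp_stream` must be prepended to the next read from the same connection, otherwise a message split across two TCP segments is lost or truncated.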