How to Search Billions of Logs Without learning New Script Language With SureLog SIEM?
SureLog is a solution that allows you to build your own search logic without a new script language.
SureLog has many options to query logs.
- Immediate Search
- Search Wizard
SureLog has many shortcuts to search logs. On every single report page, there is an immediate search option. The red boxes represented below shows an example of a firewall log search for “blocked” traffic to “126.96.36.199”.
SureLog has a search wizard. User can create a search filter using this search wizard. Filter option on every single page gives a quick link to this wizard.
After selecting the filter option, a new wizard will be shown to create a new search filter.
The third option to search billion of logs is using SQL language. SureLog uses SQL querying language which can be easily understood by most of the IT staff. SQL advantages:
- We can ask powerful and complicated questions,
- The analysis is repeatable,
- Easy to learn.