Log management review: LogRhythm LR2000-XM
The well-rounded LogRhythm XM appliance is feature-rich and flexible, from log collection to analysisFollow @rogeragrimes
Another solution that combines log management and event management functionality, LogRhythm's XM appliance is long on features and flexibility. It combines a wealth of data views, easy pivot tables, viewing and filtering of real-time data, and the ability to enhance both discovery and analysis with strong Active Directory integration.
LogRhythm sent its 2U high LR2000-XM (version 5.0) appliance with two quad-core Intel Xeon 2.53GHz processors, 24GB of RAM, four internal NICs, and an eight-drive RAID array with 2TB of storage (the max is 8TB). The LR2000 is a little different than its competitor appliances in that it runs 64-bit Microsoft Windows Server 2003 R2 SP2 instead of a Linux or Unix distro. In place of a Web interface, you manage the appliance by connecting to it locally or using RDP and starting the LogRhythm console program.
The install is slightly more cumbersome than the competition, requiring a Windows setup and activation, two licensing files, and some minor INI file editing. LogRhythm technical support can walk you through the whole process in 30 minutes.
LogRhythm XM: Log collection and management