In the previous article, "Digital Fingerprints—Log Management for the Cloud—Part I", we lightly touched upon the importance of log maintenance and management, and the forensic analysis of digital fingerprints. In this article, we shall look at six features you must look for in the log management system provided with the Cloud backup service.

The Cloud backup log must capture and index every kind of activity on the enterprise system. For this purpose, the log application system must be designed comprehensively and must be capable of generating information in a variety of formats. For instance, the solution must support both agent-based and agentless Cloud backup systems, and must have the capacity to collect live information feeds from current activity as well as file-based Syslog feeds from storage.

Log formats must be standardized across devices. Cloud backup services that integrate devices from multiple vendors to deliver their services must ensure that the device logs follow a pre-defined standard format, so that the end user does not have difficulty in understanding and deciphering the information contained in the log. Alternatively, the Cloud backup service must facilitate the conversion of these logs into a standard format for ease of use. This normalization process will go a long way towards demonstrating compliance with existing legal mandates.

The log management system must support fast log analysis without compromising collection rates or storage efficiency. While this is a tall order, many Cloud backup service vendors are striving to achieve this ideal and differentiate their services from their competitors.

Log management solutions will work well only if storage is intelligently planned and executed. The solution should leverage external SAN/NAS/DAS storage and RAID failover systems. It should support popular archival protocols like NFS and CIFS. It should automatically enforce policy-driven constraints for regulatory compliance.

Log collection must be secure and reliable if the logs are to demonstrate the confidentiality of the data and the integrity of the system. Remote location log collections should provide buffers and show that data is reliably transferred without loss even when network connectivity is lost. Bandwidth prioritization in real time should be recorded and the logs must be preserved in their original form.

Finally, logs must enable management to correlate, investigate and remediate problems. The log must be searchable and capable of being used with high-performance analytic tools.
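
The normalization and original-form requirements above, shown as an added Python example (not code from Securstore, Asigra or the original article): it maps a syslog line and a hypothetical key=value agent line to one schema, keeps the raw line, and hash-chains the records so a later edit is detectable. The agent format, field names and sample lines are assumptions constructed for illustration.

```python
import hashlib
import json
import re

# RFC 3164-style syslog: "<PRI>Mmm dd hh:mm:ss host tag: message"
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<tag>[^:\s]+): (?P<msg>.*)$")
# Hypothetical agent format (constructed for this example): key=value pairs
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
SAMPLE = [  # constructed lines: syslog feed, agent feed, unparseable
    "<38>Mar  4 02:15:01 backup01 dsclient: backup set 12 completed",
    'time=2024-03-04T02:15:07Z host=nas02 event=restore sev=4 msg="restore requested"',
    "garbled line from legacy device",
]
FIELDS = ("source", "time", "host", "event", "severity", "message", "raw")

def normalize(raw):
    """Map one raw line to the common schema; the original stays in 'raw'."""
    m = SYSLOG_RE.match(raw)
    if m:  # severity is the low three bits of PRI; timestamp kept as written
        vals = ("syslog", m["ts"], m["host"], m["tag"], int(m["pri"]) % 8, m["msg"])
    else:
        kv = {k: v.strip('"') for k, v in KV_RE.findall(raw)}
        if {"time", "host", "event"} <= kv.keys():
            sev = int(kv["sev"]) if kv.get("sev", "").isdigit() else None
            vals = ("agent", kv["time"], kv["host"], kv["event"], sev, kv.get("msg", ""))
        else:  # keep unparsed lines instead of dropping them
            vals = ("unknown", None, None, None, None, raw)
    return dict(zip(FIELDS, vals + (raw,)))

def _digest(prev, rec):
    # Hash only the schema fields, chained to the previous record's digest
    body = json.dumps({k: rec[k] for k in FIELDS}, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()

def chain(records):
    """Link each record to its predecessor's digest so later edits show up."""
    prev, out = "0" * 64, []
    for rec in records:
        out.append({**rec, "prev": prev, "digest": _digest(prev, rec)})
        prev = out[-1]["digest"]
    return out

def verify(chained):
    """Return the index of the first record that breaks the chain, or -1."""
    prev = "0" * 64
    for i, rec in enumerate(chained):
        if rec["prev"] != prev or rec["digest"] != _digest(prev, rec):
            return i
        prev = rec["digest"]
    return -1
```

The chain only demonstrates integrity if the latest digest is also kept somewhere the log writer cannot modify, since anyone able to rewrite the whole store can recompute every digest.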

Securstore’s Cloud backup solution, powered by Asigra, uses a secure, standardized, and searchable log management system. Why not try our solution for free for a month, with no obligation whatsoever!