HP Announces major update to ArcSight Logger with 10x faster search

HP announces HP ArcSight Logger version 5.5! This new release is 10 times faster than the previous version, making it the fastest search engine for machine data. Combined with hundreds of performance enhancements, Logger now has better peer-search capability than its earlier version, making it an ideal log management solution for enterprises with hundreds of different types of log-generating sources.

 

Logger is a unique log management solution that takes raw and structured machine data and categorizes and normalizes it. It filters, parses, and enriches the data with rich metadata. This is done for all the data that Logger collects at over 100,000 events per second, with categorization and normalization running at the same speed. This enables users to perform quick forensic investigations with no domain expertise. You don't need any regex or syntax experience to analyze the machine data.

 

For the new HP ArcSight Logger 5.5, HP drew on its decade of domain expertise to analyze the categorization fields and choose the specific ones that represent most use cases. Those fields have accelerated algorithms that enhance search on them. This has resulted in a dramatic increase in the search speed for machine data, especially when you search by those fields. The number of fields that Logger accelerates is enough for most use cases in day-to-day security operations, enabling nearly 10 times faster results on average.

 

In the specific use case where you are searching for the null set, meaning you are looking for data that does not exist, the search result is astronomically faster. For instance, you want to see if there was any communication between IP address 10.1.1.1, which is a known bad domain, and any of your IT devices. When you search for "10.1.1.1" within Logger and there is no log of such communication, the result is returned in a fraction of a second, searching over billions of events.

 

The new Logger will be released during the first half of April 2014. When the new Logger is released it will be 70% smaller than its current size, enabling you to download and try the new version in minutes. Look for more details on the blog during the first week of April 2014.

 

Comments
Jun Yao(anon) | 03-06-2014 05:59 PM

If there is not an increase in the data write time, this should be a great reinforcement.

Fred McGhee(anon) | 04-22-2014 03:35 AM

This is outstanding news because the old version was extremely slow, which caused a lot of people to abandon their search halfway through.