Ops_brew-pipelines: Logs as a service
Ops_brew pipelines help you centrally manage all your logs from different log sources, such as application logs (SaaS applications, databases, custom applications), server logs, OS logs (Windows, Linux, Solaris), and server performance logs. Store all your enterprise logs and build a searchable platform on top of Ops_brew pipelines.
Do you want to reduce the billing of your SIEM tool? Ops_brew helps you filter logs at the device level, group level and log level. You have complete control over which logs are sent to your SIEM solution. Not all logs need to be sent to a SIEM solution.
Problems with present SOC implementations: If the SIEM tool is the heart of the security operations center, logs are the blood that flows through the SIEM. But in every case, the logs that have gone to the SIEM are gone forever; it is a one-way trip for the logs. We cannot get them back. What happens if an incident occurs and you come to know about it after a year? By policy, it is mandatory for an organization to keep logs for up to 8-10 years. Your SIEM tool can archive logs to an extent. But the question is, will it maintain the actual raw logs in its archives? If the answer is NO, don't you want to keep the raw logs? Even if it helps you archive them, will you be able to search on top of them? Ops_brew sits as middleware between your log sources and your SIEM and other tools, so you can easily filter, redirect and collect your logs.
We use object store! Ops_brew uses blob storage to store all the logs for longer retention. It organizes the logs so that we can retrieve and replay a batch of logs to any tool if a security incident happens. This makes your system very cost effective.
Multi-source, multi-destination data/log collection and aggregation application.
(*) Modular architecture for security
(*) Faster searching and indexing.
(*) SaaS and PaaS [hybrid and multi-cloud]
(*) Platform built on Cloud-Native architecture
(*) Automated infrastructure build and tool deployment.
(*) Templatized pipeline builds for reuse and contribution to the community.