HP announces HP ArcSight Logger version 5.5! This new release is 10 times faster than the previous version, making it the fastest search engine for machine data. Combined with hundreds of performance enhancements, Logger now has better peer-search capability than its earlier version--making it an ideal log management solution for enterprises with hundreds of different types of log-generating sources.
Logger is a unique log management solution that takes the raw and structured machine data to categorize and normalize. It is process to filter, parse, and enrich with rich metadata. This is done for all the data that Logger collects at over 100,000 events per second, while categorizing and normalizing this at the same speed. This enables users to perform quick forensic investigations with no domain expertise. You don’t need any regex or syntax experience to analyze the machine data.
The new HP ArcSight Logger 5.5, through its decade of domain expertise, has analyzed and chosen some of the specific fields in the categorization fields that represents most of the use cases. Those fields have an accelerated algorithms that enhances the search on those fields. This has resulted in a dramatic increase in the search speeds of machine data, especially when you search by those fields. The number of fields that Logger has chosen to accelerate is good enough for most of the use cases in a day-to-day security operations enabling nearly 10 times faster results on an average.
On a specific use case where you are searching for the null set, meaning you are looking for the data that does not exist, the search result is astronomically faster. For instance, you want to see if there was any communication between IP address 10.1.1.1, which is a known bad domain, with any of your IT devices. When you search for “10.1.1.1” within Logger, and if it there is no log for communication, the result is returned in a fraction of a second, searching over billions of events.
The new Logger will be released during the first half of April 2014. When the new Logger is released it will be 70% smaller than its current size, enabling you to download and try the new version in minutes. Look for more details on the blog during the first week of April 2014.