Use Central Log Management for Security Operations Use Cases

Gartner Research

Central log management is an important, but often undervalued, tool for an organization’s threat management capabilities and compliance requirements. Security and risk management leaders can benefit from the adoption of a log management tool for multiple security operations use cases.

Discover Gartner Recommendations for Security and Risk Management Leaders

  • Use a central log management capability and tool when there are budget and staff constraints, basic security monitoring requirements, and compliance-specific use cases.
  • Implement a CLM approach to expand log collection and analysis when an SIEM solution would be too expensive or complex.
  • Invest in CLM tools with efficient storage, fast search and flexible visualization to enhance the investigation and analysis of security incidents and support threat-hunting requirements.
  • Ensure that applicable factors and considerations are addressed before implementing a CLM solution.


Gartner, Use Central Log Management for Security Operations Use Cases, 20 March 2020, Toby Bussa, Kelly Kavanagh, Mitchell Schneider.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

 
