Main Functions
The default functions supported by eyeCloudXOAR are as follows.
| Function | Menu | Note |
|---|---|---|
| Collection Policy | Log collection item management, security system category, management item management for each security system | Collector |
| Search Engine | Search client management, search Query management, Cache management, etc. | Collector |
| Parsing Module | Parsing management and real-time parsing support for each collection target system | Collector |
| Storage Module | Store source log and statistical information; Manage performance information and system log information; File system for source log management including storage, compression, deletion, etc.; Invalid log management through resource management | Collector |
| Administrator Authentication and Identification | Login, logout, authority management, user’s screen management | Analyzer |
| Dashboard | Develop and add all kinds of components, configure a screen necessary for the user and utilize them for monitoring; Configure a variety of user-defined screens by partitioning screen columns, adjusting a size and moving components | Analyzer |
| Monitoring | Support security and control tasks with real-time monitoring tools and detailed and specialized log search functions and check monitoring options with performance information | Analyzer |
| Analysis | Provide the analysis results of analysis and security events, performance events and TI events with statistics; Provide SeQL and pivot analysis functions | Analyzer |
| Management | Collector and Agent device registration and management, asset, user and code management | Analyzer |
| Device Interlocking | Remote/web-based interlocking function control; Interlocking module configuration including Syslog, file, SNMP, System performance information, DB interlocking, other ESM interlocking, etc.; Event log filtering policy management and filtering | Agent |
