Stale logs sitting on a storage device somewhere are just that… stale. SecOps teams can’t easily make use of them, rendering them almost useless for investigations. The value of your data deteriorates fast when you can’t easily access it. Restoring data from a frozen state can be painful, especially when you don’t know the exact timeframe you need to look at.
Additionally, your organization also likely needs to keep logs for a period of time for one or more compliance reasons. But as compliance alone clearly doesn’t equal security, there’s somewhat of a paradox of stashing logs to check the compliance box but not being able to put them to good operational use.
Ultimately, you’re faced with the choice between expensive hot or warm storage costs, or using cheaper inaccessible cold or frozen logs. Or are you…? Enter stage right: Exabeam Cloud Archive! Available as an add-on to Exabeam Saas Cloud solutions, Cloud Archive solves the conundrum of log accessibility vs storage cost. You can store your logs securely in Exabeam Cloud Platform, and search them with ease.
And meeting compliance requirements is a breeze — your data can be stored and searched for up to 10 years. No fiddly restore efforts to demonstrate during audits, and as the data is written in immutable files you know that it’s not been tampered with or accidentally modified.
Logs sent to Cloud Archive are fully parsed, and are searched and filtered using the same methods as Exabeam Data Lake. No new querying languages to learn, and no unacceptably long wait times to get valuable results from your data.
How it works: Cloud Archive directly integrates with the Exabeam SaaS Cloud infrastructure to ingest all the received logs. Cloud Archive indexes and stores logs in a cloud-native object store, then makes those logs available through its search service. Logs in Cloud Archive are parsed the same way they are in Data Lake. To ensure parsing consistency, Cloud Archive synchronizes the parser configuration with Data Lake every 24 hours.
Figure 1: Cloud Archive architecture in Exabeam Cloud.
To learn more about Cloud Archive — check out the Cloud Archive datasheet!
Similar Posts
Augmenting Microsoft Sentinel SIEM: The Power of Exabeam for UEBA and TDIR
Exabeam Unveils 2023 Partner of the Year Award Winners
Exabeam IRAP Assessment Completion Creates New Opportunities for Partners in Australia
Recent Posts
What’s New in Exabeam Product Development – March 2024
Take TDIR to a Whole New Level: Achieving Security Operations Excellence
Generative AI is Reshaping Cybersecurity. Is Your Organization Prepared?
Stay Informed
Subscribe today and we'll send our latest blog posts right to your inbox, so you can stay ahead of the cybercriminals and defend your organization.
See a world-class SIEM solution in action
Most reported breaches involved lost or stolen credentials. How can you keep pace?
Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.
Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.
Get a demo today!