Fortra's Alert Logic has introduced improvements to the Alert Logic console for Managed Detection & Response (MDR) customers, providing users with additional context for syslog collectors, including both Log Manager appliances and Remote Collectors.
This update makes it easier to see where these resources are deployed and to manage their status and configuration.
Background
Both Remote Collectors and Log Manager appliances are used to receive syslog data and securely transmit it to Alert Logic.
A Remote Collector is a lightweight package that can be installed alongside the agent on your asset. It listens for syslog data on port 1515 and forwards this to Alert Logic. The Remote Collector can be installed on Windows or Linux systems.
A Log Manager is a physical appliance or virtual machine that listens for syslog on ports 514 and 6514 (TLS/SSL). It serves as a centralized point for forwarding firewall logs and can act as the single point of egress for your Alert Logic agents. The OS is AlmaLinux.
Asset Console Improvements
The following improvements are now available in the Assets Console:
- The Appliance Type column now includes the Log Manager option.
- A new Remote Collector column displays whether the Remote Collector package is installed.
- For Alert Logic appliances, the scope is now labeled as "N/A" across all types (excluding Remote Collectors).
- Log traffic statistics are now visible where relevant, displayed in the Table, Summary, and Details views.
- Appliance tags have been enhanced on both the Summary and Details views for better organization.
[Screenshots: Assets Console for a Log Manager, before and after]
Health Console Improvements
In the Health Console, log traffic statistics now display for both Log Managers and Remote Collectors, offering deeper insights into system performance.
[Screenshots: Health Console, before and after]
Policy Addition for Data Center Deployments
On the System Logs page for Data Center deployments, the Log Manager Appliance policy is now automatically assigned to Log Manager appliances upon being claimed, streamlining the deployment process.
AlmaLinux Upgrade Available
If you have an existing Log Manager appliance, we are now able to upgrade these appliances to AlmaLinux remotely. Please contact Support for more details. Alternatively, for virtual appliances, you can spin up a new one in its place.
These updates aim to provide a more intuitive, user-friendly interface and improve the overall experience of managing and monitoring your log collection infrastructure.
Additional Resources
Learn more about Log Managers and Remote Collectors with the following documentation: