Collecting log data for the network: The BalaBit Store Box 1.1
BalaBit's syslog-ng Store Box 1.1 appliance collects the status messages in a network and archives them in an encrypted and revision-safe way. The appliance can perform full text searches in the saved messages, and search filters can be saved and reused. Store Box uses global filters to send selected status messages to specified users. BalaBit are the developers of the open source syslog-ng and the Store Box is based on this technology.
The appliance software is capable of generating lists of the top host names, programs and log sources, and the total number of different messages collected can be displayed as a bar or pie chart on the dashboard and in reports. The 1.1 release sees improvements in searching and indexing of log files, with permission based control over who can view different logs, and the introduction of the syslog-ng 3.1 pattern database and tagging.
Store Box is managed via SNMP (v2c,v3). Users can not only authenticate the device via LDAP, but also via RADIUS servers. When updating the appliance software, BalaBit offers two variants. The stable version receives bug fixes and support until the next version jump. The feature version is given new functionality at "shorter" intervals, and version support ends when a new feature edition is released.
Existing BalaBit customers can update to version 1.1 free of charge. The syslog-ng Store Box prices start from around €7000 through BalaBit's sales partners. BalaBit says that the price depends on the number of log sources. Those who purchase a Store Box will receive the syslog-ng Premium Edition free of charge.