• Meeting compliance initiatives
• Improving information security with improved audit and correlation data
• Troubleshooting systems, applications, and networks

Regulatory compliance, security incident identification, and corporate security policy and awareness demand that you regularly review logs, securely store logs, and report on activities. But as the volume of log data grows, managing, monitoring, and reporting can introduce operational challenges and place increasing demands on IT resources.

• The ability to parse as many distinct log data formats as possible, addressing common formats such as Syslog and Windows Event Logs, as well as application-specific logs and legacy formats
• Storage and archival capabilities, ideally integrating with existing large-scale storage devices and networks—given the volume of log data generated in many organizations
• Simple configuration and management, preferably with a Web-based administration console
• The means to address a variety of compliance regulations and industry standards, with regulation-specific reporting templates, distinct separation of duties and various types and levels of access to log data and log management controls, and audit trails for log analysis and monitoring, with specific reports for managers and auditors
• Real-time and batch alerting mechanisms for security incident response
• Flexible multi-tier/distributed architecture with log collectors/repositories, log analysis engine(s), and management console(s)
• Robust log search capabilities, that can perform simple and complex queries on stored data
• Troubleshooting and forensic tools