Tenable Network Security has released version 3.6 of the Log Correlation Engine. This new version includes many performance enhancements as well as its own web-based user interface. This blog entry describes the new user interface, the increased performance and the new features of LCE 3.6.
Previously, all LCE installations were required to be managed by SecurityCenter. This is great for correlating vulnerabilities and configurations with logs and events, but could be out of scope for a project focused solely on log management or log analysis.
Since many customers expressed interest in a pure log management solution based on the LCE, we developed a user interface dedicated to log analysis, event management and creating dashboards, alerts and reports. An example screen shot is shown below:
Increased Performance and New Features
Version 3.6 of the LCE also includes several new performance and product enhancements.
An in-memory cache daemon for events is now used to accelerate analysis of events. As users summarize and perform refined searches for various events, the caching daemon accelerates their queries by pre-caching event data. This allows for hundreds of millions of events to be searched and filtered in near real-time.
LCE 3.6 also uses less disk space than previous versions. The reduction in disk space usage also increases performance as less raw data needs to be read from or written to the file system.
Whether you choose to use LCE as a stand-alone product or integrated with SecurityCenter, the new version is sure to increase efficiency in analyzing security events!
For More Information