James Governor's Monkchips

New Client Announcement: Prism Microsystems


We’re happy to announce that we recently signed up a new client in the log management and analysis space, Prism Microsystems.

As I explained a while ago: “System logs are one of the great untapped data resources of IT shops. They are analysed, usually in a silo context, often for a machine-specific task such as capacity management, performance analysis or used for post-exception audits. Log files from different systems are not usually brought together and mined, or indexed, for post-hoc reporting, let alone real time analysis.”

Event Tracker directly targets Windows and Microsoft logs. For example, it assumes Active Directory as an identity store, which means less configuration. The company’s recently launched Event Tracker 6.0 has a redesigned interface based on Microsoft Management Console v3.

Event Tracker doesn’t just support Windows logs though – it also supports a range of network hardware and software tools out of the box.

The platform is built on a compressed flat file, which offers high performance without the potentially high costs of using a relational database as a back-end store. Why is high performance so important in the log context? Data volumes can be pretty hair-raising: consider one of Prism’s customers in a US healthcare company, which for HIPAA compliance purposes needs to store 50 Mb of log data generated per minute.

With 600 customers in 50 countries, the firm is having most of its success in three heavily regulated industries: government, finance, and healthcare. Of course, storing and indexing logs isn’t that interesting. It’s the analysis that matters. Prism includes a number of pre-canned reports, which can be customised according to content and schedule. Admins can also set up read-only access for auditors.

Other players in the space include LogLogic (client), LogRhythm, Splunk, and Network-Intelligence.

5 comments

  1. Interesting, but it appears you forgot to mention the one vendor eating everyone’s lunch. Splunk.

  2. Hey Lachlan – not sure how you can say I forgot to mention Splunk when it’s clearly in the list.

    For what it’s worth we also wrote them up here:
    http://redmonk.com/sogrady/2006/04/12/splunking-movable-type/
    http://redmonk.com/cote/2007/03/01/clarification-on-recent-splunk-quotes/
    http://redmonk.com/blogs/archives/001525.html

    I would also contend the space is still pretty fragmented. LogLogic, for example, is doing exceedingly well at the moment – hyper growth.

  3. […] early examples, you can look towards Splunk, Paglo, LogLogic, Prism Microsystems, and others. See James Governor’s coverage of Log Management as a category for more […]

  4. Look at that, Lachlan Wilde… the Splunk evangelist. How much do they pay you to wander the internet and go on and on about Splunk?

  5. Hey Dimitri – I googled Lachlan too and did wonder… Splunk is cool but they don’t need this kind of stuff.
