LogDrill Ltd. is a dynamically growing start-up and a member of the KÜRT Group. KÜRT’s information security experts have provided log analysis services for more than 10 years. Throughout their projects they have experienced the limitations and weaknesses of the log analysis tools currently available on the market. In the past 3 years KÜRT has invested a large amount of its funds and expert hours into creating LogDrill, a tool that is flexible, intuitive and easily adaptable to client needs and their unique requirements.
LogDrill is a machine-generated data analysis tool that is able to keep up with the speed at which such data is generated. KÜRT Co. has been in the log analysis business for over 10 years. We serve a large number of companies in the EU and the Gulf region. Our clients include IT, retail, industrial and consulting companies, financial institutions, and government and legal offices. We have had to face the fact that not only do our client profiles vary enormously, but their problems and expectations are equally diverse.
We have successfully provided them with services such as SIEM, alerting and reporting, data security, forensics, compliance, incident logging, and IT system management. In the early days of log analysis, our experts analysed logs manually. Later on, they used third-party log analysis tools and soon ran into their biggest obstacles: unique log formats were difficult or impossible to handle, and queries ran so slowly that IT staff time was used inefficiently. Big Data sets could not be processed with these standard tools at all. In response to these challenges, we developed LogDrill. One of the most important lessons we learnt through our years of log analysis is that analysts have to be critical about the data they use. They do not need all the available data for every query; instead, the ability to sort and compress data without losing relevant information is the crucial point of each query. Efficient software has to produce valid results in no time and must allow questions to be changed quickly, as required.
Sometimes managers and analysts are unsure exactly what knowledge they should or could retrieve from giant sets of raw data. LogDrill comes with a set of built-in queries and uses only the data set(s) relevant to the query. The next issue was that new log formats appear every day.
A well-assembled analytical tool has to recognise patterns regardless of their format. LogDrill handles all the common log formats automatically, and new formats can easily be defined on the command-line interface. The issue of security cannot be taken too seriously. One essential feature of LogDrill is therefore how it anonymises logs. During anonymisation, sensitive data is replaced with ‘meaningless’ data that is stripped of its important and identifying characteristics. This new, anonymised data set is the one used for the analysis, so the original sensitive values are not exposed during the analysis and cannot be stolen or corrupted in the process.
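The two mechanisms described above, a user-defined log format and field-level anonymisation before analysis, are illustrated by the following added example. It is not LogDrill's code and does not show how LogDrill implements either feature; it assumes a log format registered as a regular expression with named groups, a list of sensitive fields, and keyed HMAC tokens as the ‘meaningless’ replacement values (the sample log lines and the key are constructed for the example). A keyed token rather than a plain hash is used because an unkeyed SHA-256 of an IPv4 address can be reversed by hashing all 2^32 candidates; with HMAC, only the holder of the key can link a token back to an identity, so this is strictly pseudonymisation rather than irreversible anonymisation.

```python
"""Field-level log pseudonymisation behind a user-defined log format.

Added example, not LogDrill's implementation. Assumptions: the log format is
a regex with named groups, the fields in SENSITIVE are replaced by keyed HMAC
tokens, and the key stays with the data owner rather than the analyst.
"""
import hashlib
import hmac
import re
from collections import Counter

# Constructed sample: three lines in Apache combined log format.
SAMPLE_LOG = """\
203.0.113.7 - alice [10/Oct/2023:13:55:36 +0000] "GET /login HTTP/1.1" 200 512
203.0.113.7 - alice [10/Oct/2023:13:55:40 +0000] "POST /login HTTP/1.1" 302 0
198.51.100.23 - bob [10/Oct/2023:13:56:01 +0000] "GET /admin HTTP/1.1" 403 128
"""

# A "new format" expressed as a regex with named groups, the way an operator
# might register one from a command line (assumed syntax, not LogDrill's).
APACHE_COMBINED = re.compile(
    r'(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)'
)

SENSITIVE = ("client", "user")  # fields that identify a host or a person


def parse(text, fmt):
    """Parse each line into a dict of named fields; lines that do not match are skipped."""
    records = []
    for line in text.splitlines():
        m = fmt.match(line)
        if m:
            records.append(m.groupdict())
    return records


def pseudonym(key, field, value, length=12):
    """Deterministic keyed token for one sensitive value.

    HMAC-SHA256 (not a plain hash) so that without the key the token cannot be
    brute-forced back to the original, e.g. by hashing every IPv4 address.
    The field name is mixed in so the same string in two fields gets two tokens.
    """
    mac = hmac.new(key, f"{field}\x00{value}".encode(), hashlib.sha256).hexdigest()
    return f"{field}_{mac[:length]}"


def anonymise(records, key, fields=SENSITIVE):
    """Return copies of the records with every sensitive field replaced by its token."""
    out = []
    for r in records:
        r2 = dict(r)
        for f in fields:
            r2[f] = pseudonym(key, f, r[f])
        out.append(r2)
    return out


def requests_per_client(records):
    """An example analysis query: number of requests per client identifier."""
    return Counter(r["client"] for r in records)


def leaks_original(records, originals):
    """True if any original sensitive value survives in the anonymised records."""
    values = {r[f] for r in originals for f in SENSITIVE}
    return any(r[f] in values for r in records for f in SENSITIVE)


if __name__ == "__main__":
    key = b"data-owner-secret-key"  # constructed; in practice held by the data owner only
    raw = parse(SAMPLE_LOG, APACHE_COMBINED)
    anon = anonymise(raw, key)
    # The query gives the same distribution on the raw and the anonymised set...
    print(sorted(requests_per_client(raw).values()))
    print(sorted(requests_per_client(anon).values()))
    # ...while the anonymised set contains none of the original identifiers.
    print(leaks_original(anon, raw))
```

Because the tokens are deterministic, equality is preserved: the same client always maps to the same token, so per-client counts, session reconstruction and correlation across lines still work on the anonymised set, while the token itself carries no identifying characteristic. The protection holds only as long as the key does not travel with the anonymised data; if it does, the transformation is merely a rename.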