We primarily use it for network-wide event monitoring and incident backtracking. It helps us identify what events caused certain incidents and understand how they happened.

It's also useful for incident tracking and investigating.

The solution helps us identify and manage any security-related incidents in the environment. It collects logs from various sources in the IT department, including end-user devices, antivirus software, UTM, firewall box in our data center, and server logs. It also gathers Aneesh's IP device logs from our network monitoring. Log360 brings all logs from different devices into a single platform and then runs intelligence to detect patterns of attacks. This allows us to set up automation rules so that we can take appropriate actions if such patterns are detected in the future. For instance, we can isolate a machine or a user account from our Active Directory and send alert emails to the IT admin, network admin, or CEO, depending on the nature of the incident. This automation capability allows us to respond promptly and effectively to various security incidents, blocking many routine attacks beyond the protection offered by antivirus software.

This is a module we use for our CM for the logging aspect.

We are collecting logs from our firewalls and we are collecting logs from the antivirus site. We are using Bitdefender for that. We are going to be implementing it so that all the logs flow through that mechanism, of course. Right now, these two are being planned at once.

We usually use this solution as a pro system for purchasing and holiday approvals. They're usually a public system with MyCheck. We also use the repo system, including investing, and search systems for the organization.

Our primary case for this solution is log management and finding vulnerabilities. It has file server monitoring and we use it to oversee specific file paths from file servers. For a few of them, we also do servers, Linux, and syslogs from network devices. We are trying to add it to our Windows Server, and they inform us whenever there are changes in their PaaS. We deploy it on-premises.

I work with an organization that focuses on money management. So we usually deploy for organizations such as banks, pension providers, and major IT firms that are interested in this. I've even deployed for micro-finance banks.

People use it to analyze security event information from their servers. It could be from an IaaS server address. They get logs we didn't know how to interpret and it helps them to prioritize. When a device connects, after the analyzation it prompts the administrator depending on the server data entered into it.

We basically utilize the tool to monitor security events based on a logon process such as bad passwords, lockout, etc.

We are using its latest version. We just upgraded it over the weekend.

The primary use case of this solution to look for anomalies in our traffic to see if there is anything out of the ordinary. We don't have the resources to perform deep analysis. This solution provides us with a report of what is breaking the normal routine.

The primary use case of this solution is for reports, file editing, Active Directory editing, and security alerting.

We monitor the action in the Active Directory. For example, if someone changes the password in the Active Directory or the password has failed in the login, or there is a change in policy, then we know which administrator has made the changes. 

We can see all of the reports from the Active Directory and the file server in Log360. It's a good application because the reports are good and it helps to find errors in the system.