Product Portfolio

Energylogserver is delivered through three complementary product plans that can be deployed independently or as an integrated enterprise security platform. Each plan is designed to address specific organizational needs and can scale with business requirements.

Product Plans

Log Management Plan (LMP)

  • Core Purpose: Foundation platform for comprehensive log management

  • Primary Use Cases: Operational monitoring, compliance, basic security

  • Target Organizations: All organizations requiring centralized logging

SIEM Plan

  • Core Purpose: Advanced security analytics and threat detection

  • Primary Use Cases: SOC operations, threat hunting, incident response

  • Target Organizations: Security-focused organizations, regulated industries

Network Probe

  • Core Purpose: Network traffic analysis and passive monitoring

  • Primary Use Cases: Network security, advanced threat detection, forensics

  • Target Organizations: Organizations with advanced network security requirements

Log Management Plan

Foundation platform for enterprise log management

Core Modules:

  • Discover: Advanced search and filtering with ad-hoc query capabilities

  • Dashboards: Interactive operational and security dashboards

  • Visualizations: Comprehensive charting, tables, heatmaps, and custom visualizations

  • Agents: Centralized management of log collection agents across all platforms

  • Archive: Long-term data retention and compliance archiving

  • CMDB: Configuration Management Database integration with event correlation

  • Integrations: Native connectors for data sources and external systems

  • Network Probe: Integrated data collection and processing (first instance included)

  • Reports: Automated and ad-hoc reporting with scheduling capabilities

Management and Administration Modules:

  • Config: System-wide and user-specific configuration management

  • Sources: Registration, configuration, and management of data sources

  • Dev Tools: Testing and development environment for queries and transformations

  • Index Management: Data lifecycle policies, retention management, and optimization

Key Business Benefits:

  • Unlimited Data Retention: No arbitrary limits on log storage duration

  • Unlimited User Access: Role-based access control without per-user licensing

  • Unlimited Data Sources: Connect any number of systems and applications

  • Included Network Analysis: First Network Probe instance at no additional cost

SIEM Plan Enhancement

Advanced security information and event management

Security-Focused Modules:

  • Alerts: Advanced correlation rules and real-time threat detection policies

  • Vulnerability Management: Integration with external vulnerability scanners, plus a basic built-in scanner

  • FIM (File Integrity Monitoring): Critical file and system resource monitoring

  • Correlation Engine: Advanced multi-source event correlation and attack chain analysis

Empowered AI Capabilities:

  • AI Cases: Machine learning-driven incident analysis and recommendation engine

  • LLM Integration: Large language model integration for natural language security analysis

  • Automated Threat Hunting: AI-powered proactive threat discovery

  • Behavioral Baselines: Automated establishment of normal behavior patterns

Enterprise Security Features:

  • MITRE ATT&CK Integration: Native framework mapping and technique coverage analysis

  • Threat Intelligence Platform: Integration with commercial and open-source threat feeds

  • SOAR Integration: Orchestration with security automation and response platforms

  • Advanced Compliance: Automated compliance reporting for multiple frameworks

Network Probe

Specialized network monitoring and analysis

Network Analysis Capabilities:

  • Passive Traffic Monitoring: Layer 2-7 protocol analysis without network impact

  • Flow Analysis: NetFlow, sFlow, IPFIX support for network behavior analysis

  • Protocol Recognition: Automatic identification of applications and services

  • Metadata Extraction: Deep packet inspection for security-relevant information

  • Network Anomaly Detection: Identification of unusual communication patterns

Performance Specifications:

  • Traffic Capacity: Up to 10 Gbps sustained network traffic analysis

  • Event Processing: 20,000+ Flows/Events Per Second (FPS/EPS)

  • Deployment Flexibility: Physical appliance, virtual machine, or cloud deployment

  • Integration: Seamless data forwarding to ELS Data Node and correlation engine