Log Management

Comprehensive log collection, processing, querying, and lifecycle management.

Overview

Energy Logserver’s log management capabilities provide tools for querying, analyzing, and managing security data throughout its lifecycle. Key features include:

  • Flexible Query Languages: SQL and PPL (Piped Processing Language) for powerful data analysis

  • Multiple Query Formats: REST API with JSON, CSV, JDBC, and raw response formats

  • Advanced Search: Full-text search with match, multi-match, and query string capabilities

  • Data Type System: Complete type system with identifiers, functions, and operators

  • Long-term Archive: Cost-effective storage with searchable archive and restoration capabilities

  • Index Lifecycle Management: Automated policies for data retention, rollover, and deletion

  • Compliance Support: Built-in retention policies for GDPR, SOX, HIPAA, and other regulations

In This Section

  • SQL Query Language: Complete SQL syntax with practical SIEM examples

  • PPL Language: Piped Processing Language reference and commands

  • Query API and Formats: API endpoints and response format options (JSON, CSV, JDBC, Raw)

  • Data Types and Functions: Data types, identifiers, and built-in functions reference

  • Full-Text Search: Advanced search capabilities with match and query string syntax

  • Archive: Long-term data storage, search, and restoration

  • Index Management: Index lifecycle policies and optimization actions

  • Log Lifecycle and Compliance: Retention policies, capacity planning, and regulatory compliance (GDPR, SOX, HIPAA)