|A proper logbook keeps the world in order. Photo by vxla.|
As networks are the most business critical components of telco and ISP business, it is important to know what is happening on them. For this the network needs AAA and SIEM (Security information and event management) services. The SIEM services are often provided by different vendors with different requirements for message format. For example, some use CEF while the others can accept free format text. We are proud that Radiator already provides interoperability that our customers can rely on. We also welcome your requests for new features.
Radiator 4.14 introduces LogFormatHook that provides a new way to handle logs. The main use of LogFormatHook is to create Radiator logs in different formats such as JSON and CEF. After this the formatted log message can be transmitted to an external log server or SIEM system for further processing, visualisation and archiving. Examples of these servers and systems are Splunk, Elasticsearch and RSA enVision and Security Analytics.
Especially with SIEM systems this functionality provides Radiator users many opportunities for log analysis. The SIEM systems can process log data for forensic analysis, compliance, dashboards and alerting - everything you or your customers need to know about status of their network.
Considering updates to your logging configuration?
If you have a network environment that needs this kind of interoperability with their log or SIEM systems, please contact our sales team at info(a)open.com.au . Also, if you have questions about interoperability concerning Radiator or some other AAA server solution - we just may have a solution for you.