How does LogZilla’s Network Event Orchestration platform minimize data congestion and reduce the number of logs collected and stored to deliver the shortest mean-time-to-resolution for critical risk and threat vulnerabilities?
Docker Version 18+
8 CPU Cores
Disk IOPS Minimum: 1000
curl -fsSL https://logzilla.sh | sudo bash
LogZilla's Network Event Orchestrator is fully operational in just 30 seconds!
Only one server
LogZilla is licensed based on the amount of Events Per Day that you send to the server. Our data clustering feature is an algorithm which condenses billions of entries into a narrow set, but still tracks every event down to the millisecond. In doing so, we are able to save up to 95% of the disk space needed to store your data.
LZ NEO can also set up automations based on triggers and scripts.
LogZilla's Network Event Orchestrator processes events in real time, even at high scale (20+TB/day). The second that an event comes in is the same second that it is parsed, indexed, alerted, and searchable.
Yes, in fact, you can retain data forever. If you have an on-premise deployment, simply add more storage. If you want to expand your system, you won't need a bank loan to pay for it - like you do for other software.
Using LZ NEO, you can pre-filter your events before you send them downstream to Splunk or ELK. It's our patent for pre-duplication that allows you to eliminate 97% of your storage and server licensing costs in the first 5 minutes.
LogZilla is the only vendor that can ingest and index over 20TB of data per day on a single server.
| Events/Day | CPU Cores | RAM | Disk IOPS |
|---|---|---|---|
| Up to 5M EPD | 8 @ 2.5GHz | 16 | 1k |
| Up to 10M EPD | 8 @ 2.5GHz | 32 | 2.5k |
| Up to 50M EPD | 8 @ 2.5GHz | 128 | 5k |
| Up to 100M EPD | 16 @ 3.2GHz | 128 | 10k |
| Up to 1B EPD | 32 @ 3GHz | 256 | 50k |
* For systems over 1B EPD, contact sales for detailed server sizing.