Simple Log Service is a complete real-time data logging service. Simple Log Service supports collection, consumption, shipping, search, and analysis of logs, and improves the capacity of processing and analyzing large amounts of logs.
Benefits
-
Ease of use
Completes data accumulations from more than 30 data sources within five minutes.
-
Enriched features
Fully supports real-time and offline computing, and seamlessly connects to Alibaba Cloud software, open-source software, and commercial software.
-
Stable and reliable
Deploys reliable high-availability service nodes in data centers around the world.
-
Fully-managed
You can set the access permissions for individual rows so that the same report is displayed differently for each user role.
Features
-
Fully-managed Service
Collection
Completes connections to data sources within five minutes without any management cost.
Ease of use
Completes connections to data sources over any networks within five minutes by using the Logtail agent.
LogHub
Log Service fully supports Kafka, elastic scaling, delay alarms, and all streaming computing systems, such as Spark Streaming, Storm, StreamCompute, Flink, and Consumer Library (automatic load balancing). Log Service can integrate with other products, such as CloudMonitor and Application Real-Time Monitoring Service (ARMS). The usage cost is reduced by more than 50%, compared with deploying your own system.
LogSearch/Analytics
Log Service saves search results, and provides dashboards and reports. The usage cost is reduced by more than 50%, compared with deploying your own system.
-
Integrations and Configurations
Integrated with Alibaba Cloud software, open-source software, and commercial software.
LogHub
LogHub supports more than 30 data accumulation tools, such as Logstash and Fluent, for easy integration with embedded devices, webpages, servers, and programs. LogHub integrates with various consumer systems, such as Spark Streaming, Storm, Flink, StreamCompute, CloudMonitor, and ARMS.
LogShipper
Supports user-defined partitions and multiple data formats, such as TextFile, SequenceFile, and Parquet, and ships data to storage engines, such as Presto, Hive, Spark, Hadoop, E-MapReduce, MaxCompute, and HybridDB.
LogSearch/Analytics
Supports the complete search and analysis syntax that is compatible with SQL-92, and supports connections using Restful APIs and Java Database Connectivity (JDBC), and visual analysis tools, such as Grafana, DataV, Zipkin, and Jaeger.
-
Real-time Response
Processes large amounts of data in real time.
LogHub
LogHub processes written data in real time. Collection agent Logtail collects and transmits data to Log Service in real time, with an availability of 99.9%.
LogSearch/Analytics
Writes, searches, and analyzes data in real time. Multiple search conditions are used to search more than one billion items of data within one second, and multiple aggregation conditions are used to analyze more than 100 million items of data within one second.
-
Comprehensive APIs and SDKs
Build your own system
Log Service supports various use cases: monitoring, growth attacking, SIEM and more.
APIs
APIs and SDKs support multiple features and programming languages, to easily manage and serve more than one million devices.
Search and analysis
Simple syntax that is compatible with SQL-92 and multiple APIs for easy integrations with related service software.
How it works
-
SIEM Flow on Alibaba Cloud
-
Real-time Data Accumulation
-
Real-time Search and Analysis
-
Real-time Computing and Data Scrubbing
-
Connections with the Data Warehouse
SIEM Solution
SIEM combines Security Information Management and Security Event management. It supports threat detection, compliance and security incident management through the collection and analysis of security events, as well as a wide variety of other event and contextual data sources.
Out-of-box SIEM Ability
-
Comprehensive Data Collections
Cross multiple accounts, transformation and retention
-
Uniformed query and analytics capability
Interactive query and analytics syntax, ML algorithm and visualization
-
Threats detection and response
Using built-in LogService alert rules or customize them to detect threats, manage alerts notification and incident response.
-
Ship logs to a SIEM system over Syslog
Syslog is a widely used logging standard that is applicable to most security information and event management (SIEM) systems, such as IBM QRadar and HP ArcSight. Log Service be able to ship logs to a SIEM system over Syslog. You could write a program based on consumer groups in Log Service.
Real-time data accumulation
Real-time data accumulation
LogHub collects large amounts of logs in real time, such as Metric, Event, BinLog, TextLog, and Click. This service is cost-effective.
Benefits
-
Ease of use
Provides more than 30 real-time data accumulation methods to allow you to quickly build a Log Service platform. Powerful configuration and management capabilities help to reduce the workload of operating and maintaining nodes around the world.
-
Elastic scaling
Easily handles peak-hour traffic and incremental service data.
Real-time search and analysis
LogSearch/Analytics supports indexing data in LogHub in real time, and provides multiple search methods based on keywords, fuzzy match, context, range, and SQL aggregation.
Real-time computing and data scrubbing
StreamCompute and data scrubbing
LogHub supports integrations with various real-time computing services, provides comprehensive progress monitoring and alarms, and customizes data consumption using SDKs and APIs.
Connections with the data warehouse
Data warehouse
LogShipper ships data from LogHub to storage services, and supports various storage methods, such as compression, user-defined partitions, row storage, and column storage.
Latest Video
Upgraded Support For You
1 on 1 Presale Consultation, 24/7 Technical Support, Faster Response, and More Free Tickets.
1 on 1 Presale Consultation
24/7 Technical Support
6 Free Tickets per Quarter
