Data Security ALog Series

Server Access log ALog ConVerter

01.Overview

ALog ConVerter acquires access records to important data without the need for agents, obtaining logs from file, storage, and AD servers, etc.

02.Features

Point 1

Unique ALog ConVerter Technology

ALog ConVerter analyzes event logs using unique, world-class log analysis and conversion technology, summarizing data access records as easy-to-read access logs.

Point 2

Automated Reports

Configure settings in advance to receive automated alerts.
Predefined reports allow for regular, automated output without the hassle.

Report Example

  • Nighttime Access
  • Saturday and Sunday Access
  • Delete Data in a Specific Folder
  • Unauthorized Access to Important Files
  • Mass File Operations
  • Multiple Logon Failures

Point 3

Aggregation / Monitoring / Email Notification

Automate audits and monitoring using the report monitoring feature.

03.Operating Environment

Manager Server

System Requirement

Location:
  On-Premises Environment
    • * Supports physical and virtual environments (VMWare, Hyper-V, Citrix XenServer)
  Cloud Environment (AWS, Azure, etc.)
Supported OS: Windows Server 2016 / 2019 / 2022
  • * Not compatible with 32-bit OS
  • * Supports service packs for each OS (SP)
  • * Supports each edition (Standard / Enterprise / Datacenter)
  • * This is the operating environment for the latest version of ALog.
CPU: Recommended 2.7GHz 8 cores or more
Memory: Recommended 32GB or more
HDD: 500GB or more free space
  • * Required separately depending on the number of target servers and the length of the access log storage period.
    * SSD recommended.
Required Software:
  .NET Framework 4.8 or higher
  Any of the following browsers:
    Firefox 68 or later
    Google Chrome 76 or later
    Microsoft Edge

* A manager server license is not required.

Windows

System Requirements

Supported OS:
  Windows Server 2016 / 2019 / 2022
  Windows Storage Server 2016
  Windows Server IoT 2019 / 2022
    • * Supports service packs for each OS (SP)
    • * Supports each edition (Standard / Enterprise / Datacenter)
    • * Supports virtual environments (VMWare, Hyper-V, Citrix XenServer) and cloud environments
    • * Refers to the operating environment for the latest version of ALog.
    • * Supports cloud environments.
Required Software: .NET Framework 4.5 SP1 or later (agent type only)
Operating Environment
  • The drive for file access log output must be in NTFS format (FAT format is not compatible).
  • When the log collection method is agent type, files must be able to be written from the Target Server to a shared folder on the Manager Server.
  • Shared administrator access to the Target Server.

NetApp

System Requirements

Supported OS: ONTAP 9.5 - 9.13.1
  • * Supported Versions
    9.5, 9.6, 9.7, 9.8, 9.9.1, 9.10, 9.11.1, 9.12.1, 9.13.1
  • * Supports Cloud Volumes ONTAP (formerly ONTAP Cloud) and ONTAP Select
  • * Supports Lenovo ThinkSystem (ONTAP OS)

* We recommend product versions that are supported by manufacturers, as we may not be able to provide sufficient support for unsupported product versions.

* Refers to the operating environment for the latest version of ALog.

Operating Environment
  • The file area serving as the file access log output target must be a CIFS area (NFS area not compatible).
  • For Data ONTAP, the ssh or rsh command must be executable from the manager server to the target server.
  • For ONTAP, the ssh command must be executable from the manager server to the target server.
  • Log format must be evtx (not compatible with XML format).
  • LDAP authentication method for NetApp must be Active Directory authentication.

Model range compatibility table

Manufacturer / Series Name: NetApp FAS Series
  • Small range: FAS2200 Series, FAS2500 Series, FAS2600 Series, FAS2700 Series
  • Medium range: FAS3220, FAS3250, FAS8020, FAS8040, FAS8200, V3220, V3250, V3270, FAS8300, FAS8700, FAS500f, FAS5500f
  • Large range: FAS6220, FAS6250, FAS6290, AS8060, FAS8080 EX, FAS9000, V6220, V6250, V6290

Manufacturer / Series Name: NetApp AFF Series
  • Small range: AFF A200, AFF A220, AFF C190, AFF C250, AFF A150, AFF A250
  • Medium range: AFF A300, AFF A320, AFF A400, AFF8020, AFF8040, AFF C400
  • Large range: AFF A700s, AFF A700, AFF A800, AFF8060, AFF8080 EX, AFFA900, AFF C800

Manufacturer / Series Name: Fujitsu NR1000 Series
  • Small range: F2520, F2552, F2554, F2620, F2650, F2720, F2750
  • Medium range: F3220, F3250, F8020, F8040, F8200, F8300
  • Large range: F6220, F6250, F6290, F8060, F8080, F9000

Manufacturer / Series Name: Fujitsu AX/HX Series
  • Small range: AX2100, AX1100, HX2200, HX2100
  • Medium range: AX4100, HX6100
  • Large range: -

Manufacturer / Series Name: Lenovo ThinkSystem DM Series
  • Small range: DM3000H, DM5000H, DM5000F, DM5100F
  • Medium range: DM7000H, DM7000F, DM7100H, DM7100F
  • Large range: -

EMC

System Requirement

Supported OS:
  VNX OE 8.1.21
    • * Supported Versions
      8.1.21.266
  VNXe OE 3.1
    • * Supported Versions
      3.1.1.5395470, 3.1.1.6207002, 3.1.8.9340299
  Unity 5.0.3 - 5.3.1
    • * Supported Versions
      5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.1.0, 5.1.1, 5.1.2, 5.1.3, 5.2.0, 5.2.1, 5.2.2, 5.3.0, 5.3.1
  PowerStore 3.5
    • * Supported Versions
      1.0, 2.0, 2.1, 3.0, 3.2, 3.5

* We recommend product versions that are supported by manufacturers, as we may not be able to provide sufficient support for unsupported product versions.

* Refers to the operating environment for the latest version of ALog.

Operating Environment
  • Must be able to use the AutoArchive function for the event log.
  • The file area serving as the file access log output target must be a CIFS area (NFS area not compatible).

Model range compatibility table

Manufacturer / Series Name: VNX / VNXe Series
  • Small range: VNXe1600, VNXe3150, VNXe3200, VNXe3300, VNX5100, VNX5200, VNX5300, VNX5400, VNX VG2
  • Medium range: VNX5500, VNX5600, VNX5700, VNX5800, VNX VG8
  • Large range: VNX7500, VNX7600, VNX8000

Manufacturer / Series Name: Unity Series
  • Small range: Unity300, Unity300F, 350F, 380F, Unity400, Unity400F, 450F, 480F
  • Medium range: Unity500, Unity500F, 550F, Unity600, Unity600F, 650F, 680F, 880F
  • Large range: -

Manufacturer / Series Name: PowerStore Series
  • Small range: 500T, 1000T, 1000X
  • Medium range: 3000T, 3000X, 5000T, 5000X, 7000T, 7000X
  • Large range: 9000T, 9000X

PowerScale (Isilon)

System Requirement

Supported OS: OneFS 9.0.0 - 9.7.0
  • * Supported Versions
    9.0.0, 9.1.0, 9.2.0, 9.2.1, 9.3.0, 9.4.0, 9.5.0, 9.7.0

* We recommend product versions that are supported by manufacturers, as we may not be able to provide sufficient support for unsupported product versions.

* Refers to the operating environment for the latest version of ALog.

Operating Environment
  • The file area serving as the file access log output target must be a CIFS area.
  • The ssh command must be executable from the Manager Server to the Target Server.

Linux

System Requirement

Supported OS:
  Red Hat Enterprise Linux 6 / 7 / 8 / 9
  CentOS 7

* Refers to the operating environment for the latest version of ALog.

Operating Environment
  • Auditd, sshd, zip, unzip and openssh-clients must be installed first.
  • When collecting syslog, the time, host name, and other information must be in space-delimited (half-width space) format (this is the default Linux syslog output format).
  • The log format must be a text file and must be uncompressed or ZIP / GZIP compressed.
  • The environment must have the /usr/local/sbin directory structure.

* Please contact us if you are using a Samba environment.

Amazon FSx

System Requirement

Supported Services:
  Amazon FSx for Windows File Server
  Amazon FSx for NetApp ONTAP

* This is the operating environment for the latest version of ALog.

Amazon FSx for Windows File Server
  1. Amazon Kinesis Data Firehose has been created.
  2. A bucket has been created in Amazon S3.
  3. The output destination of Amazon Kinesis Data Firehose is set to the Amazon S3 bucket from condition 2.
  4. The Amazon FSx for Windows audit event log output destination is set to the Amazon Kinesis Data Firehose from condition 1.
Amazon FSx for NetApp ONTAP
  • The file area to which file access logs are output is a CIFS area (NFS area is not supported).
  • The ssh command can be executed from the manager server to the target server.
  • The log format must be evtx format (XML format is not supported).
  • The storage virtual machine setting is set to "Join Active Directory".

04.FAQ

ALog ConVerter specifications and structure


ALog ConVerter installation and operation

  • Do you offer an installation manual and configuration instructions?

    Please contact us through our online contact form. A manual and configuration guide are included in the downloadable installation package. Please contact our sales office for details.

  • Is it necessary to install an agent (resident program) on the target server?

    Agents are generally unnecessary. You may select whether to deploy an agent depending on the type of target server.

  • Does installing ALog ConVerter place a load on the client PC?

    No.
    ALog ConVerter does not require an application to be installed on the client PC, so there is no load involved.

  • Are there any important things to consider when installing ALog ConVerter?

    ALog ConVerter collects event logs and audit logs output by the server and converts them into access logs.
    Therefore, settings (audit settings) are required to output event logs and audit logs to the target log server.
    If the range of audit settings is too large (e.g., everything under the C drive), a massive amount of logs will be output, which could consume all free space on the local disk of the file server. We recommend limiting monitoring of the audit settings to only the folders necessary.

  • Does ALog ConVerter installation require certain access rights?

    The account running ALog ConVerter must have domain admin privileges.
    If the manager server and the target server exist in different domains, an account with administrator privileges must be created on each server and trust relationships established.

  • Is it possible to output the access log in a file format?

    Yes.
    Access logs can be output as CSV, ZIP, or an encrypted file.

  • Is it possible to output the access log to another storage location instead of the manager server?

    Yes.
    By default, the access log is output to the local drive of the manager server, but settings allow for output to an external storage device.

Trial / purchase

  • Is there a trial version of ALog ConVerter to try before purchasing?

    A free evaluation version is available. Please request it using the contact form on our website.

  • How do I purchase ALog ConVerter?

    ALog series products are sold by our sales partners.
    Please check here for a list of our sales partners.
    If you are not already working with a distributor on the list, please contact us and we will introduce you to one.

License [general terms]

  • Is it necessary to purchase database software, etc., in addition to ALog ConVerter?

    No.

    * Only when the target server is a SQL Server and "SQL Trace" is selected in the audit settings when adding the target server is it necessary to have a version equal to or later than the SQL Server for which the log is to be collected.

  • Is a maintenance contract required?

    A maintenance contract for the first year is mandatory.
    ALog ConVerter updates the access log analysis conversion engine regularly as needed according to the version upgrade of the supported OS (server OS, client OS). If the maintenance contract expires, you will not be able to update this conversion engine and the correct log conversion may not be performed. Therefore, we recommend you continue the maintenance contract during the period of use.

  • Do I need a manager server license?

    No. However, a license is required to collect the access log of the manager server itself.

  • Is there a volume discount for additional licenses?

    No. For additional purchases, the payment system will be the same as for new purchases. (We recommend that you purchase licenses for the total number of servers required at the time of the initial purchase.)

  • What is ALog for Win AE for NAS?

    ALog for Win AE for NAS is an option that allows you to purchase single licenses for Windows Advanced Edition.
    This option is only available to customers using NetApp / EMC / Isilon.

  • Is it mandatory to purchase ALog for Win AE for NAS?

    No. Please purchase the option if you intend to collect logon/logoff logs from Active Directory.

License [for Windows / Linux]

  • How many licenses are required?

    Please purchase as many licenses as there are servers from which you wish to collect logs. One license is required for each server, regardless of whether it is a physical server or a logical server.

  • Does the license change depending on the number of CPUs, the number of cores, etc.?

    No. ALog ConVerter requires one license for each server for which logs are collected (regardless of whether physical or logical).

  • If the server for which logs are collected is a logical server, does the required number of licenses change?

    No. One license is required for each server, regardless of whether it is a physical server or a logical server.
    If you want to collect access logs from the host OS of a logical server, you need a license for the host OS as well.

  • How many licenses are required in the case of a cluster configuration?

    As ALog ConVerter requires one license for each server for which logs are collected (regardless of whether physical or logical), one license for each server making up the cluster is required.

  • Is it possible to purchase one license at a time?

    No. We ask you to purchase at least five licenses at a time; we do not offer an option to purchase only one license.

License [for NetApp / EMC]

  • What is the difference between licenses S, M, and L?

    The fee system for S range, M range, and L range depends on the NAS model.
    Please check the model of NAS you are using and purchase licenses for the applicable range.

  • How many licenses are required?

    Please purchase one license for each active controller.

    * For EMC VNX / VNXe, count data movers or virtual data movers (VDM); for EMC Unity, count storage controllers (storage processors).

  • Does the required number of licenses change if the server for which logs are collected is a virtual storage server?

    If you are building virtual storage (NetApp FAS series uses vFiler or SVM as virtual storage, EMC VNX / VNXe CIFS Server and EMC Unity uses NAS Server as virtual storage), you need as many virtual licenses as there are virtual storages, in addition to the normal license.

    * for NetApp/EMC includes one virtual license for each server license; you do not need another virtual license to collect logs from only one virtual storage. Purchase a virtual license when the number of virtual storages for the collected logs exceeds the number of physical servers.
    * With for NetApp, we assume that virtual licenses are not used for physical servers (vFiler0).

  • Does the required number of licenses change for a cluster configuration?

    The number of required licenses depends on the cluster configuration. Please contact us to find out how many licenses you may need.

License [for Isilon]

  • How many licenses are required?

    You are required to have one license for each node in the server configuration.

    * If there are multiple physical servers (DR site, etc.), one server license + additional node licenses are required for each server.

  • Does the required number of licenses change for a cluster configuration?

    If there are multiple physical Isilon servers (DR site, etc.), a license is required for each node.
