In addition to the security related analytics and alerting benefits of CALM, and by virtue of the fact that it is aggregating all logs and events taking place within a customers network/IT environment, CALM can also serve as an extremely effective investigation and diagnostic tool for IT Support Teams.
Using the simple, intuitive search facility within CALM, IT support teams are able to search and drill into network and IT related events within extremely granular time intervals – down to a specific hour/minute/second. A Support Analyst is then able to review all events leading up to, or that took place at, the specific time a particular outage or fault was detected.
Log information ingested into CALM is fully ‘parsed’, meaning a raw log message generated by a Windows server or network device for example, is broken down into a readable format that is easy to understand. This in turn enables the IT Support Analyst to quickly review and understand the nature of a specific log event and to determine whether or not it could be related to the fault they are investigating.
Lastly, the RBAC authentication features of CALM allows for IT support teams and/or individual Support Analysts to be granted read/write permissions only to the necessary subset of dashboards and/or log message categories. Consequently, Security Managers can ensure that full control is in place over the use and visibility of the CALM platform and the potentially sensitive data contained within it.