What process does ALog SMASH use to collect and convert log files?
ALog SMASH is installed on the server, where it operates as a service. This service collects event logs output by the server and converts them into access logs that give auditing personnel a clear understanding of users' operational histories.
Why is conversion of event logs necessary?
Analyzing and converting event logs with ALog SMASH allows you to do the following:
- View and understand logs more easily
- Reduce log data volume
- Convert data into access logs approximating users' actual usage patterns
Additionally, storing event logs as is without first converting them can lead to a number of problems:
- As log data volume increases, files can become corrupted and even impossible to open. This results in ongoing storage of data that is useless in tracing file access and operation.
- Storing large amounts of data requires frequent addition of hard disk space.
- Event logs differ from records of "actual file operations," so they are more difficult to comprehend in terms of understanding users' file access histories.
With particular regard to the third point, data saved as event logs may in fact end up being unusable in urgent situations.
That is that reason for using ALog SMASH to process the event logs: analyzing and converting the log data in logs makes it easier to understand users' file access.
* ALog SMASH combines analysis of the client PC versions used to access the servers, event log output patterns, and other factors, then converts this data into logs that closely approximate actual usage patterns.