How ALog SMASH Works

What process does ALog SMASH use to collect and convert log files?

ALog SMASH is installed on the server, where it operates as a service. This service collects event logs output by the server and converts them into access logs that give auditing personnel a clear understanding of users' operational histories.

Why is conversion of event logs necessary?

Analyzing and converting event logs with ALog SMASH allows you to do the following:

  • View and understand logs more easily
  • Reduce log data volume
  • Convert data into access logs approximating users' actual usage patterns

Additionally, storing event logs as is without first converting them can lead to a number of problems:

  • As log data volume increases, files can become corrupted and even impossible to open. This results in ongoing storage of data that is useless in tracing file access and operation.
  • Storing large amounts of data requires frequent addition of hard disk space.
  • Event logs differ from records of "actual file operations," so they are more difficult to comprehend in terms of understanding users' file access histories.

With particular regard to the third point, data saved as event logs may in fact end up being unusable in urgent situations.
That is that reason for using ALog SMASH to process the event logs: analyzing and converting the log data in logs makes it easier to understand users' file access.

* ALog SMASH combines analysis of the client PC versions used to access the servers, event log output patterns, and other factors, then converts this data into logs that closely approximate actual usage patterns.

Using ALog SMASH with Existing Systems

Doesn't adding ALog SMASH place an extra load on client PCs?

ALog SMASH does not require installation of any application on client PCs, so there is no additional load on the system.

Are there any particular issues to be aware of when incorporating ALog SMASH
into our system?

ALog SMASH collects event logs and audit logs that are output by the file server and converts them into access logs. Therefore, make the settings (audit settings) necessary to output event logs and audit logs to the file server.

If the scope of audit settings is too broad (for example, everything under the C drive), the high volume of the log output may not leave sufficient open disk space on the file server's local drives. We recommend that the scope of the audit settings be limited only to those folders that require monitoring.

Can the access logs be output as CSV files or in other formats?

ALog SMASH saves the access logs converted from event and audit logs both as CSV and database files; no particular settings are required.


What are the license requirements?

Purchase licenses equivalent to the number of file servers to be monitored. You must purchase one license for each server, regardless of whether it's a physical or logical server.

Do licenses differ according to the number of CPUs, cores, etc.?

There is no difference. One license is purchased for each file server to be monitored.

Trial Version and Purchase

I want to try out ALog SMASH before I decide to buy. Is a trial version available?

We offer a free version for evaluation purposes that can be used for three months.
Please contact Amiya if you would like to receive a trial version.

Please choose the action