With the use of Graylog, we provide a solution for collating all of your logs into a single location. This can then be utilised for searching, correlating log entries, and reporting on the data collected from your logs. Dashboards can be created to present your log data graphically in a much more meaningful form. Alerts can also be configured to inform you of potential issues, for example: someone has attempted to connect to a server via SSH and failed, or attempted to use sudo or su to root. This can help you be more proactive about potential issues.
Logs are collected using agents on the servers, and also via syslog. With the use of syslog, we can collect logs from appliances where agent installation isn't possible, e.g. firewalls, switches, routers, etc.