BluVector’s Targeted Logger delivers context and visibility to threat security teams and their investigations by pre-correlating and highlighting log entries associated with events prioritized for analysis.
BluVector Targeted Logger Overview
The Targeted Logger is a network forensic tool designed to automate cyber hunting activities. With the ability to flag content as an anchor for filtering and correlation of network traffic metadata, targeted logging delivers a greatly reduced data set surrounding suspicious activities.
As events are processed by BluVector, a subset will be flagged by various analyzers such as the machine learning engine or speculative code execution engine. When an event is flagged as suspicious or malicious, Targeted Logger begins scanning the log backlog for entries up to 15 minutes before and after the event. Entries related to the event, as determined by matching criteria (host IP, domain, etc.), are collected and stored with the event.
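The windowed correlation described above can be sketched as follows. This is an added example, not BluVector's code: the field names, the sample entries and the exact matching rules (any shared IP, or a case-insensitive domain match) are assumptions made for illustration.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=15)  # from the page: up to 15 minutes before and after

# Constructed anchor event (the flagged event); field names are assumptions.
ANCHOR = {"ts": "2024-05-01T10:20:00", "src_ip": "10.0.0.5",
          "dst_ip": "203.0.113.7", "domain": "files.example.org"}

# Constructed backlog of network metadata entries.
BACKLOG = [
    {"ts": "2024-05-01T10:02:10", "type": "dns", "src_ip": "10.0.0.5", "domain": "files.example.org"},
    {"ts": "2024-05-01T10:06:00", "type": "dns", "src_ip": "10.0.0.5", "domain": "files.example.org"},
    {"ts": "2024-05-01T10:19:30", "type": "conn", "src_ip": "10.0.0.9", "dst_ip": "198.51.100.2"},
    {"ts": "2024-05-01T10:21:00", "type": "http", "src_ip": "10.0.0.8", "dst_ip": "203.0.113.7",
     "domain": "Files.Example.org."},
    {"ts": "2024-05-01T10:25:00", "type": "dns", "src_ip": "10.0.0.12", "domain": "files.example.org"},
    {"ts": "2024-05-01T10:34:59", "type": "conn", "src_ip": "10.0.0.5", "dst_ip": "192.0.2.44"},
    {"ts": "2024-05-01T10:35:01", "type": "conn", "src_ip": "10.0.0.5", "dst_ip": "192.0.2.44"},
]

def _ips(entry):
    """All IP addresses present on an entry."""
    return {entry.get("src_ip"), entry.get("dst_ip")} - {None}

def _domain(entry):
    """Domain normalised for comparison (lower case, no trailing dot)."""
    return (entry.get("domain") or "").lower().rstrip(".")

def correlate(anchor, backlog, window=WINDOW):
    """Return backlog entries inside the time window that share an IP or
    domain with the anchor, each annotated with the criteria that matched."""
    t0 = datetime.fromisoformat(anchor["ts"])
    hits = []
    for entry in backlog:
        if abs(datetime.fromisoformat(entry["ts"]) - t0) > window:
            continue  # outside the +/- 15 minute window
        reasons = []
        if _ips(anchor) & _ips(entry):
            reasons.append("host_ip")
        if _domain(anchor) and _domain(entry) == _domain(anchor):
            reasons.append("domain")
        if reasons:
            hits.append({**entry, "matched_on": reasons})
    return sorted(hits, key=lambda h: h["ts"])

if __name__ == "__main__":
    for hit in correlate(ANCHOR, BACKLOG):
        print(hit["ts"], hit["type"], hit["matched_on"])
```

Of the seven constructed entries, four are kept: two fall outside the window and one inside the window shares neither an IP nor a domain with the anchor.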
To learn more about Targeted Logger, read our feature brief.