CYRAY's LogsDam Solution
How to reduce your ingestion cost,
on Azure Sentinal and Splunk
The Problems
Cost
When used at large volumes, ingestion on MS Sentinel/Splunk can be prohibitively costly.
Connectivity
Transferring large quantities of data necessitates a substantial amount of bandwidth.
Data collection
Effectively gathering all data while not overlooking crucial logs necessitates expertise and skill.
Your Smart Collector that solves your problems
Our solution provides a quick, intelligent, and straightforward approach to addressing your cost concerns, without requiring any alteration to your existing SIEM. In just 30 minutes of your time, we can decrease your ingestion expenses by up to 80 percent.
How it Works
- We will integrate our Smart Connector into your environment, whether it is on-premises or in the cloud.
- We will provide guidance on properly configuring Firewall and/or Domain Controllers (DCs) logs to ensure accurate ingestion (able to accept any type of logs).
- Our process involves analyzing, aggregating, and filtering logs while ensuring that no data is lost. We apply filtering based on our best practices, with the customer's consent.
- We send the aggregated data to our SIEM, and from there, we forward it to the your SIEM.
CYRAY
Aggregation Architecture
Real life example of cost savings
At CYRAY, we want to clarify that our solution offers the flexibility to send data directly to MS Sentinel or Splunk without going through our analytics server. If you choose to send your data through our server, it is only for additional analytics, and we do not keep the data for ourselves. We respect the privacy of our customers and understand the importance of data confidentiality. Our solution is designed to provide a cost-effective and efficient way of ingesting data to SIEM tools while maintaining data privacy and confidentiality.
