LogLocker for Microsoft Sentinel

Retain and preserve high-value logs with ease

Act now to simplify and rationalise the management of your logs with LogLocker for Microsoft Sentinel.

Buy now Book a demo
AdobeStock_588513155
Defense@2x

Make Microsoft Sentinel a crucial component for compliance, just like it is for security

  • Want more from your Microsoft Sentinel investment?
  • Let down by compliance tools lacking legal defence details?
  • Struggling with the surge in telemetry data?
  • Business demanding longer log data retention?
  • Concerned logs aren't managed or preserved effectively?

LogLocker tackles these challenges for Microsoft Azure and Sentinel users, reducing costs, minimising data and protect the logs you need.

The business case for LogLocker

LogLocker solves compliance challenges by providing a robust log management platform for the data and AI economy

Never has it been more important to retain only the necessary log data to reduce cost and storage complexity - if you retain logs for long periods its essential data lineage is preserved to ensure legal defensibility.

 

Reduce cost

Shocked at the limited options and long-term cost of retaining your logs? Implement a cost-effective alternative to Log Analytics and Azure Data Explorer archiving

Minimise data

Looking for a way to avoid storing all logs? Only archive and retain the specific logs you need for business requirements and compliance

Preserve logs

Worried your logs are not given enough protection? Preserve and protect logs using distributed ledger technology for truly defensible legal evidence.

Ready for integration

LogLocker API's were designed for easy and effective integrations with Microsoft Sentinel, Log Analytics, Azure Data Explorer and other Microsoft services.

No retraining

LogLocker uses Kusto Query Language (KQL) to define the targeted log collections via Azure Sentinel allowing it to align to existing staff roles and skills.

Extensible data sources

Want to bring in other data sources? No problem. LogLocker will work with any volume or type of data, log or query.

Getting started with LogLocker

Where is LogLocker installed?

azure icon logo

Installed on Azure

The LogLocker platform is deployed into your Azure subscription so you govern the security and location of your data using the configuration option provided. Includes Terraform, Kubernetes, Storage and Logic App.

Azur regions

In any Azure region

LogLocker can be deployed into any Azure region ensuring your data is stored on the blockchain network that respects your data sovereignty requirements

azure-storage-table-logo-A474F6AD9A-seeklogo.com

Azure Blob storage options

Larger data sets can extend to off-chain storage using Azure Blob storage. Further options for multi cloud storage are also available.

Getting started with LogLocker

How does LogLocker work?

KQL

Targeted protection

Target the specific logs you want to capture using KQL queries run from Sentinel against Log Analytics and Azure Data Explorer. Then add the LogLocker automation to the query workbook.

Sentinel

Sentinel triggers

When a Sentinel alert is triggered, LogLocker will request the KQL and run the specific query against either the Log Analytics Sentinel workspace or Azure Data Explorer (ADX).

Byzgen -Private Blockchain-1

Stored logs

Only the logs you specify are stored and preserved in LogLocker, ready for search, sharing and review.

LogLocker pricing

Business

from $2850/mo

Best for smaller log volumes. Retain and manage your high-value logs quickly and easily

  • Checkmark Single tenant
  • Checkmark Sentinel connector
  • Checkmark Private blockchain
  • Checkmark On-chain storage
  • Checkmark Elastic search
Buy LogLocker Business
Most popular

Enterprise

from $5200/mo

All the Business plan features plus off-chain storage for larger log volumes

  • Checkmark Single tenant
  • Checkmark Sentinel connector
  • Checkmark Private blockchain
  • Checkmark On-chain storage
  • Checkmark Elastic search
  • Checkmark Azure Off-chain storage
  • Checkmark ADX search
Buy LogLocker Enterprise

Premium

from $8350/mo

All the Business and Enterprise features plus API integration and 3rd party data sharing

  • Checkmark Single tenant
  • Checkmark Sentinel connector
  • Checkmark Private blockchain
  • Checkmark On-chain storage
  • Checkmark Elastic search
  • Checkmark Azure Off-chain storage
  • Checkmark ADX search
  • Checkmark Public blockchain options
  • Checkmark AWS & GCP Off-chain storage options
  • Checkmark API Access
  • Checkmark 3rd party permissioned data sharing
Contact us for plan options
What happens when you complete your marketplace purchase?

LogLocker is easy to deploy - with experts on hand to help

Azure users with a Sentinel subscription can easily implement LogLocker.

Once you've committed to buying here's what happens next:

  1. Book an installation call with our engineering team
  2. Or, if you have immediate questions, a call with one of our team ahead of the installation meeting.
  3. Full details of prerequisites will be provided ahead of the installation meeting.
  4. The LogLocker installation is completed within 5-working days once meetings are confirmed and pre-requisites are in place
Start purchase Ask a question
AdobeStock_455812073
The challenges LogLocker solves

Logs are ever more critical for digital compliance and security

  • Increasing cyber security costs

  • Stream lining security and compliance teams

  • Retention of high value logs for long periods

  • Increasing volumes of telemetry data

Your business wants ways to do more with less and drive value from existing security investments

If you're looking at LogLocker your investment in SIEM (Security Information and Event Management) is likely significant. To truly reap the benefits of SIEM, you need to be sure that your security and compliance teams are getting the most value out of this powerful tool. Imagine a Venn diagram where the circles of security and compliance overlap. The sweet spot in that overlap is where your SIEM should reside. This is where it becomes more than a tool—it transforms into a bridge, uniting these typically isolated areas to unveil insights and boost efficiency. By working together with LogLocker, your security and compliance teams can turn your SIEM into a valuable asset that shields your organisation from cyber threats and regulatory pitfalls

Buy now Ask a question

You need to avoid siloed teams by reusing skills, data and functionality to gain business efficiencies.

The disconnect between siloed security and compliance teams creates a critical blind spot. Security, focused on real-time threats, overlooks long-term compliance gaps. Compliance, chained to checklists, misses dynamic security risks. This double vision leaves vulnerabilities unseen and unaddressed, potentially increasing audit time and fines and ultimately weakening your overall defence. Breaking down these silos and forging a shared view through integrated tools and proactive collaboration is key to achieving resilient security and seamless compliance.

Buy now Book a demo

Native options are not suitable for long-term log retention being costly, unable to accommodate custom data types and lacking the preservation capabilities required.

Preserving data over vast stretches of time is a formidable hurdle. Storage technology constantly evolves, demanding data migration to survive, while physical media degrades, necessitating backups and redundancy measures. Data formats and software compatibility become obsolete, requiring costly conversions to maintain accessibility. Privacy concerns escalate with lengthy retention, demanding meticulous access control and potential anonymisation. The sheer volume of data can become unwieldy, requiring efficient archiving and retrieval strategies. In short, safeguarding information against the relentless march of time is a complex juggling act demanding constant vigilance and resourcefulness.

Buy now Ask a question

You need tools to enable selection and filtering of logs to ensure that only those with value are processed and retained. Retaining unfiltered logs is not a sustainable option given the projected data growth and increased regulatory requirements.

The deluge of log data threatens to engulf organizations like a rising tide. Each click, sensor ping, and system event spills into the reservoir, and the torrent shows no signs of slowing. Existing tools strain under the pressure, buckling under the ever-growing weight of analysis and storage demands. Future projections paint an even bleaker picture, with data volumes set to explode exponentially. This tsunami of information threatens to drown our ability to identify critical security events and maintain regulatory compliance. Navigating this data deluge will require innovative solutions, from intelligent filtering and compression techniques to scalable storage architectures and AI-powered analysis tools. Only by riding this wave of data, not succumbing to it, can organizations unlock the valuable insights hidden within.

Buy now on Azure marketplace Book a demo

One compliance tool to rule them all 

GET A DEMONSTRATION BUY ON AZURE MARKETPLACE