Enable Sophisticated Log Management

Collecting and analyzing logging information from across disparate systems can be complex. The Snare Reflector can cache, filter, and forward logs to centralized systems regardless of their format or final destination. The Snare Reflector is used to unify disparate SIEM and/or logging platforms, to implement an enterprise logging architecture, and to tune log/data flow with unmatched precision.

The Reflector can send data in real time to one or more destinations, using UDP or TCP with TLS encryption enabled. We send logs in any of the major formats, including both syslog formats, RFC 3164 and RFC 5424.

Key Reflector Benefits

Forward Logs to Countless Destinations
Determine which kinds of logs go where (SOCs, MSSPs, SIEMs) and in what format. Logs can go not only to multiple destinations but to multiple SIEMs from multiple vendors, integrating your security solutions across disparate systems. The Reflector can also reflect logs in the format in which they were received, such as the format the original system or Snare agent was sending.

Parse and Truncate Logs Based on Destination
Send only critical logs to each destination, or a different set of logs to each destination. The Reflector can filter out logs you don’t need, reducing SIEM costs, and can cache logs when network flow is interrupted. The Reflector also has some smart syslog formats for sending to QRadar and RSA Envision. For a thorough list of supported formats, please reach out!

Mask Sensitive Data
The Reflector can be configured to mask sensitive data within the logs, such as private patient data, credit card information, or any other data, as required by various compliance standards.