Logging is a way of tracking what happened, when, and in what order. Logs are a critical component in troubleshooting, forensic analysis, and access tracking, and are used extensively in software environments to create a history of activity. Virtually all IT environments make extensive use of logs to track user and application activity.
However, logs are text-based and easily manipulated. A common tactic of hackers is to modify or delete log files in order to eliminate traces of their unauthorized intrusion. Once an intruder gains access to a system, any logs stored on that system, or in an environment to which that system has access, should be considered compromised and suspect.
The only way to mitigate this behavior is by using an external and immutable logging system, so that information logged there is permanent, unchangeable and verifiable. No deletion of log file information can ever take place, and no covering of tracks can occur.
Blockchain’s ability to create an immutable audit trail makes it compelling for logging, however public blockchain instances such as Ethereum are inappropriate for this use case due to the volumes of data involved, and the resulting costs.
ULedger’s Enterprise Blockchain platform is an ideal solution because our architecture allows for the scalability required by this use case. ULedger Logging provides reliable and economical 3rd party logging via our Enterprise Blockchain Protocol. Using ULedger Logging ensures you have a complete and tamper-proof history.
Even better, once you have a tamper-proof history, you have a basis for real-time identification of anomalies, i.e. changes to system logs that may indicate tampering, hacking, or other undesirable behavior. By continual comparison between the existing system logs and the immutable blockchain-based copy, it is possible to identify any discrepancies between these data stores and issue alerts that allow an administrator to investigate the cause and potentially catch a perpetrator in the act.
Download a PDF Product Sheet.