Honeycomb LexClassifier Overview

Data Sheet for Honeycomb’s LexClassifier solution for IBM QRadar.

LexClassifier™ for IBM QRadar
Security tools and SIEMs are well known for handling lots of real-time network and data traffic occurring on your network. SIEMs are
less able to handle data that has been stored offline and/or encoded into formats not recognized by SIEMs – they’re simply not geared
up for this type of information.
Enter: LexClassifier – The Lexicon Classifier is a component of LexiconEnterprise which automatically detects, decodes, reads and
classifies myriad of file types and formats (over 1500 types), allowing huge piles of arbitrary data and files to be sorted, collated and
classified to make its valuable contents accessible for security scanning by SIEM tools.
Lexicon Classifier Includes the following benefits:
Auto-classifies data depending
Handles detection and parsing
Detects and decodes over 1500
on content for over 260 log
of unrecognized data types (e.g.
file types and encodings
source types
custom log files)
Forwards data to third party
Passes data to Lexicon
Fully extensible to handle any
SIEM tools with full filtering
Enterprise Indexing Engine
data format
capabilities
Classifier
Decoder
Detects file types
Detects data classification
and decodes file (e.g.
based on content (e.g.
Formatters
Word, Excel, PDF,
Cisco, Juniper, Windows,
char sets, etc.)
Custom, etc.)
Parser
Indexer
Detects over 1500
Supports over 260
Arbitrary data
file formats
log source types
Parses content based on
Data is ready for indexing
classification
into Lexicon Enterprise
Indexing Engine
Forwarder
Data can be forwarded to
external SIEM/syslog tools
QRadar LexClassifier Part Numbers
D0WSCLL
IBM Security QRadar SIEM All-in-One Virtual 3190 LICENSE + SW Subscription & Support 12 Months
D0WUKLL x 4
IBM Security QRadar Virtual SIEM Event Capacity Increase of 100 EPS Install License + SW Subscription & Support 12 Months
D10UVLL
IBM Security QRadar SIEM Event Capacity Increase to 1K EPS from 500 EPS Install License + SW Subscription & Support 12 Months
D0WTULL
IBM Security QRadar SIEM Event Capacity Increase from 1K to 2K EPS Install License + SW Subscription & Support 12 Months
D0V5JLL
IBM Security QRadar SIEM Event Capacity Pack Increase of 2K EPS Install License + SW Subscription & Support 12 Months
HC-API-15
Honeycomb Technologies LexCollect/Classifier API Licence
HC-LEX-CLA-15
Honeycomb Technologies LexCollect & LexClassifier License + SW Subscription & Support 12 months
Available as a packaged bundle via Satisnet – www.satisnet.co.uk
© Copyright 2015 Honeycomb Technologies Ltd. All Rights Reserved.

Download