System Requirements
Hardware Requirements
Log360 Setup with its child products is recommended to be split across two servers with the following configurations.
1. EventLog Analyzer, Active Directory AuditPlus and Log360 combined can be installed in the server with the following configuration.
| Hardware |
Minimum |
Recommended |
| Processor |
2.4 Ghz |
3 Ghz |
| Core |
16 Core |
20 core |
| RAM |
52 GB |
64 GB |
| Disk Space |
1.5 TB |
2.2 TB |
| Disk Type |
SSD |
SSD |
2. M365 Manager Plus, Log360 UEBA combined can be installed in the server with the following configuration
| Hardware |
Minimum |
Recommended |
| Processor |
2.4 Ghz |
3 Ghz |
| Core |
6 Core |
12 core |
| RAM |
24 GB |
32 GB |
| Disk Space |
200 GB |
400 GB |
| Disk Type |
SSD |
SSD |
Note:
- The above mentioned values are approximate. It is recommended to run a test environment similar to the production environment with the recommended setup as mentioned. The system requirements can be fine tuned based on the exact flow and data size.
- For each integrated product, refer the individual product recommendations below for fine tuning.
EventLog Analyzer: https://www.manageengine.com/products/eventlog/system_requirement.html
M365 Manager Plus: https://www.manageengine.com/microsoft-365-management-reporting/system-requirements.html
Active Directory AuditPlus: https://www.manageengine.com/products/active-directory-audit/system-requirements.html
Log360 UEBA: https://www.manageengine.com/log-management/ueba/help/system-requirements.html
General Recommendations
VM infrastructure
- Allocate 100 percent RAM/CPU to the virtual machine running EventLog Analyzer. Sharing memory/CPU with other virtual machines on the same host may result in RAM/CPU starvation and may negatively impact EventLog Analyzer's performance.
- Enabling VM snapshots is not recommended as the host duplicates data in multiple blocks by increasing reads and writes, resulting in increased IO latency and degraded performance.
CPU & RAM
- Server CPU utilization should be maintained below 85% always to ensure optimal performance.
- 50% of server RAM should be kept free for Off-heap utilization of Elasticsearch for optimal performance.
DISK
- Disk latency greatly affects the performance of SIEM solutions. Direct-attached storage(DAS) is recommended on par with an SSD with near zero latency and high throughput. An enterprise SAN can be faster than SSD.
Log360
- Log360 components are resource intensive processes. It is recommended to provide each component with a dedicated server for better performance.
- It is recommended to split the load with Multiple ES Nodes, with Each node handling 800GB - 1.2 TB of Data.
- Log360 uses Elasticsearch, which is expected to utilize off-heap usage for better performance. Off-heap usage is maintained by OS and will free up when necessary.
Additional ES Node Recommendations:
| Hardware |
Minimum |
Recommended |
| Base Speed |
2.4 Ghz |
3 Ghz |
| Core |
12 |
16 |
| RAM |
64 |
64 |
| Disk Space |
1.2 TB |
1.5 TB |
| Disk Type |
SSD |
SSD |
Software Requirements
ManageEngine Log360 supports the following Microsoft Windows operating system versions:
Note: ManageEngine M365 Manager Plus does not support Windows OS versions 2003,2008, XP, and Vista. And it supports Windows OS versions 7 and 2008 R2 only when Service Pack 1 (SP1) is installed.
Supported Browsers
ManageEngine Log360 requires one of the following browsers to be installed on the system to access the Log360 web client.
- Microsoft Edge
- Firefox 4 and above
- Chrome 10 and above
- Safari 5 and above
Click here to expand
Download PDF