AMI for Security V6.0.02 - New Feature - Big Data Searches

Version 3

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    BMC AMI Command Center for Security


    COMPONENT:

    BMC AMI Command Center for Security


    APPLIES TO:

    V6.0.02



    QUESTION:

    AMI for Security V6.0.02 supports big data searches.  What's the difference between a "normal" search and a big data search?


    ANSWER:

    AMI for Security V6.0.02 introduced the ability to search through big data.  AMI for Security could already search its message logs (also known as big data); however, with today’s larger (10+ GB) file sizes, an additional search method was added.  This knowledge article outlines the improvements in the big data search facility.

    From the Command Center, select Reports -> Query -> Generate -> Run Forensic Search Query.  This opens the following screen:

    [Screenshot: big data]

    Under the Query File Type selection, select “BigData-Logs” from the pull-down menu.  Some of the normal log search criteria are different for big data log searches. Here are a few of the differences:

    1. Big data searches cannot be limited to a maximum number of search results, whereas normal data searches have a parameter to limit the maximum number of search results.
    2. Big data searches cannot be limited to a matching IP address or Group.
    3. For larger files (10+ GB), big data searches are faster.
    4. Big data searches return results roughly every 5 seconds, whereas a normal search only returns results at the end of the search.

    Once your big data search is complete, the search results are searchable.

      

     


    Article Number:

    000193381


    Article Type:

    FAQ/Procedural


