Log Export Service (LES)

  • Release version: Washingtondc
  • Updated February 1, 2024

    Log Export Service (LES) lets you seamlessly export your instance system and application logs into your enterprise security analytic tools. The service provides a highly scalable and near real-time integration with your analytic tools that is easy to set up and maintain.

    The integration tool allows you to leverage your analytic solutions to perform the following:
    • Detect ServiceNow security threats and analyze security incidents
    • Troubleshoot and optimize ServiceNow app performance
    • Monitor and optimize ServiceNow user experience

    LES leverages a ServiceNow AI Platform capability called the Hermes Messaging Service, which is a multi-tenant, multi-cluster, data transport, and queuing service built on Apache Kafka that enables your instance to produce and consume large volumes of Kafka events. Apache Kafka is an open-source data streaming platform that provides a single integration point for exchanging data across business systems in your organization.

    A diagram of the LES architecture.

    LES forwards a copy of the log events as they are generated to the Hermes Messaging Service.

    The Hermes Messaging Service is a ServiceNow AI Platform capability that is available as part of Stream Connect, Log Export Service (LES), and Instance Data Replication (IDR).

    External log analytic systems, either in the cloud or on-prem, can consume the log events from the Hermes Messaging Service. LES provides three connectivity options to consume the logs:
    • Dedicated MID Server: A dedicated MID Server is installed on-prem or in the cloud. It automatically connects to the Hermes Messaging Service, pulls log events from it continuously, and then pushes them to log analytic tools via a REST connection.
    • Kafka connector from your log analytic solution (for example, Splunk): A Kafka connector from your log analytics product of choice is installed on-prem or in the cloud. It automatically connects to the Hermes Messaging Service, pulls log events from it continuously, and then pushes them to log analytics tools.
    • Directly from your Kafka system: Your Kafka system connects directly with the Hermes Messaging Service and uses its native Kafka protocol commands and connectivity to pull log events from it.

    To configure and manage LES, you need to install it from the ServiceNow Store. The LES application provides Guided Setups to help you install the service, pages to configure the service (log sources, consumers, and destinations), and reports to understand log creation and consumption.

    The LES menu options.

    Note:
    You can also create a new source configuration. See Create a log source configuration for more information.