Become a partner   | Request Support  | Contact Sales  | 1Stack access

    • Centalized Log Management — security, compliance and advanced event management

    Security Compliance Alerting Dashboard

    RocketLog is CoreTech’s cloud service based on technologyGraylog, designed to collect, organize and analyze logs from IT infrastructures, hardware devices, applications and network systems.

      Register as a Partner   Configure prices   Richiedi trial

    CoreTech managed service · Cloud platform

    Why log management is essential today

    For MSPs and for their client companies, logs are a fundamental resource.

    On the one hand, they help meet requirements for traceability, auditing and retention required by internal policies, standards and regulations. On the other hand, they make it possible to identify weak signals that often foreshadow a security issue: failed login attempts, anomalies in user behavior, suspicious hardware events, recurring application errors, unusual activity on firewalls or VPNs.

    What is often perceived as a mere compliance task becomes a strategic tool to increase the level of control over the infrastructure

    The context: compliance and security

    The two regulations currently in force in Italy (and in Europe) related to data protection (GDPR) and cybersecurity (NIS2) are strongly linked to the collection, analysis and management of logs. Logs make it possible to trace access, changes and breaches, providing a crucial audit trail to demonstrate compliance with both regulations. Continuous log monitoring helps identify anomalies and potential threats in real time, enabling rapid corrective action and ensuring the security and privacy of sensitive data.

    What RocketLog is

    RocketLog is a cloud appliance for centralized log collection and analysis via Syslog , built on Graylog and designed to offer MSPs, software houses and companies an effective, scalable and ready-to-use tool.

    With RocketLog you can:

    • collect logs from heterogeneous software and hardware systems
    • centralize data in a dedicated cloud environment
    • organize logs according to your operational logic
    • create advanced dashboards for event analysis
    • define triggers and automatic alerting rules
    • improve security posture and operational readiness

    As a cloud appliance, no on-premises hardware installation is required: you will not need to dedicate part of your existing on-premises infrastructure or purchase a new server to deliver this service.

    RocketLog — raccolta e analisi log
    How it works

    RocketLog provides a dedicated cloud server where all logs sent from your systems converge.

    How it works, in short:

    • you configure your devices or software to send logs via Syslog
    • you use your dedicated DNS name as the destination
    • RocketLog receives, stores and indexes the logs
    • data is also organized in separate databases, according to operational needs
    • you analyze everything through dashboards and automated rules

    This approach lets you create a single collection and observation point from which to gain technical visibility and operational control.

    Compatibility and centralized collection

    RocketLog can collect logs from any systems able to send them via Syslog or otherwise produce events useful for monitoring and security.

    Among the most common sources:

    • Firewall
    • physical and virtual servers
    • network devices
    • mail systems
    • operating systems
    • applications
    • database
    • VPN
    • IDS/IPS
    • hardware consoles and BIOS management such as HPE iLO

    This way you can have events from different technologies in one place, making cross-cutting control and analysis easier.

    The advantages

    Technical benefits

    With RocketLog, and with SygmaAlert as an integrated option, you get immediate technical benefits:

    • log centralization in the cloud
    • unified visibility into events and anomalies
    • advanced dashboards for real-time analysis
    • trigger rules and event correlation
    • centralized alert management
    • access to alerts from a mobile app as well
    • faster identification of issues and threats
    • better forensic analysis and event reconstruction capability

    Strategic benefits

    Beyond technical benefits, RocketLog is a strategic advantage for IT governance.

    In cybersecurity

    • increase the ability to detect suspicious events
    • identify early indicators of attack
    • reduce response times
    • improve control over access and critical activities
    • support IT teams in day-to-day security management

    In compliance (GDPR and NIS2)

    • log collection and retention
    • event traceability
    • advanced dashboards for real-time analysis
    • technical and organizational audits
    • verification of security policies
    • demonstrability of activities carried out

    Compliance is no longer perceived only as an obligation, but as a driver of operational maturity and security.

    Who it is for

    RocketLog is the ideal solution for:

    • MSPs that want to offer customers structured log monitoring and alerting
    • Software houses that need to monitor availability, security and application errors
    • Companies that want to increase their security level without introducing overly complex platforms
    • IT teams and system administrators seeking greater operational visibility and ability to respond

    With SygmaAlert, this ecosystem becomes even easier to use, enabling simple, immediate alert management on the go as well.

    Why choose RocketLog

    Choosing RocketLog means adopting a platform that combines technical reliability, operational simplicity and strategic value.

    With RocketLog you get:

    • a ready-to-use cloud service
    • solid technology based on Graylog
    • a scalable, flexible platform
    • configurable alerting rules
    • support for security and compliance needs

    With the SygmaAlert option you add:

    • centralized collection of alerts via email
    • automatic categorization
    • access via web and mobile app
    • greater simplicity in operational management
    • a control model close to SOC logic, but much more accessible
      Register as a Partner   Configure prices   Richiedi trial
    Dashboards and advanced analysis

    Based on Graylog, RocketLog offers complete, flexible dashboards to view, filter and correlate events in real time.

    Dashboards let you:

    • view the operational status of systems
    • identify recurring patterns
    • quickly filter the most relevant events
    • build custom views by customer, site, role or technology
    • facilitate troubleshooting, auditing and incident analysis

    The goal is not merely to “store logs”, but to make them truly usable for decision-making.

    Dashboard RocketLog
    Alerting, triggers and event management

    RocketLog lets you set trigger rules based on AND/OR logical conditions on incoming messages. This turns logs into operational events, useful both for security and for service continuity.

    Practical examples

    You can forward your mail server’s authentication logs and define a rule such as:

    if there are 5 failed login attempts within 5 minutes, generate an alert

    Or you can configure physical servers and hardware devices to send specific technical events. For example, if someone logs into the BIOS console via HPE iLO, you can receive an immediate notification.

    This type of monitoring is especially useful for catching silent attacks, abnormal access attempts or out-of-standard behavior before they become real incidents.

    SygmaAlert: the option that completes RocketLog

    For RocketLog customers, SygmaAlert is available as an option dedicated to centralized alert management.

    SygmaAlert is a system developed by CoreTech, available both as a web application as well as a mobile app for iOS and Android, , which collects, categorizes and manages alerts from multiple sources.

    In particular, SygmaAlert can manage alerts generated by:

    • RocketLog/Graylog
    • SygmaConnect
    • other systems able to send notifications via email

    The system intercepts email messages, analyzes them, categorizes them and presents them in a centralized alert list , making review and triage much simpler and faster.

    SygmaAlert e RocketLog
    In-depth insights

    From log to action: simple alert management

    One of the most common problems in security and monitoring is fragmented notifications. Firewalls, login systems, monitoring, RMM, databases, IDS/IPS, VPNs, hardware devices and applications continuously generate alerts. Without a suitable tool, this information risks being scattered across emails, separate notifications and hard-to-use tools.

    SygmaAlert was created to solve this problem: it organizes alerts and makes them readable, helping MSPs and software houses manage system security and availability simply, via both web and mobile.

    With SygmaAlert, an alert is no longer an isolated email message, but becomes structured information you can review and manage operationally.

    A practical approach to the SOC, without unnecessary complexity

    Many SIEM or SOAR solutions on the market offer great potential, but they are often complex, costly and hard to adopt effectively in day-to-day operations.

    The RocketLog + SygmaAlert approach instead aims for a concrete outcome:

    • collect logs
    • identify relevant events
    • turn them into clear alerts
    • make them available in a simple way
    • improve response speed

    In other words, a SOC model that is practical and accessible , designed for organizations that need control, speed and ease of use.