EventLog Analyzer automatically archives all event logs and syslogs collected from Windows and UNIX hosts, Routers & Switches, and other syslog devices on the EventLog Analyzer server itself. The event log archive is invaluable in forensic analysis and determining performance and usage statistics for a host.
Now, EventLog Analyzer encrypts the event log archive files to ensure the log data is secured for future forensic analysis, compliance and internal audits.
The hashing of the archive log data files further secures the event log data.
The time stamping technique ensures that the archive data files are tamper proof. If there is a modification of file, this technique will reveal that the file has been tampered.
The three point security keeps the archive log data safe.
The default log archiving interval creates a log archive file of the all the received raw logs every 24 hours. And these log archive files are then compressed (zipped) after every 7 days, to conserve hard disk space. You can configure the archive file creation and compressed file creation any time depending on how often you need to archive event logs. You can even disable log archiving entirely if needed.
At any time, you can load event log archive file into the EventLog Analyzer database and generate reports from the archived event data.
Every log archive file that is created, is stored along with the time of archive creation, size of the archive, and the host whose event logs have been archived. This makes it easy to load and generate reports from archived event logs.
EventLog Analyzer includes options to instantly generate log archives for all event logs collected so far. All event logs collected will be archived, irrespective of the log archiving interval defined. In this way, you can create and load archived files into the database at any time.