- Free Edition
- What's New?
- Quick Links
- Log Management
- Application Log Management
- Application log monitoring
- IIS log analyzer
- IIS web log analyzer
- IIS FTP log analyzer
- IIS log parser
- VMware log analyzer
- Hyper V event log auditing
- SQL database auditing
- SQL server auditing
- MySQL log analyzer
- Apache log analyzer
- DHCP server auditing
- Database activity monitoring
- Database auditing
- Oracle database auditing
- IT Compliance Auditing
- IT Compliance Auditing
- SOX Compliance Audit
- GDPR Compliance Audit
- ISO 27001 Compliance Audit
- HIPAA Compliance Audit
- PCI Compliance Audit
- FISMA Compliance Audit
- GLBA Compliance Audit
- GPG Compliance Audit
- ISLP Compliance Audit
- FERPA Compliance Audit
- CCPA Compliance Reports
- CCPA Compliance Software
- NERC Compliance Audit Reports
- Cyber Essentials Compliance Reports
- Reports for New Regulatory Compliance
- Customizing Compliance Reports
- PDPA compliance audit reports
- CMMC Compliance Audit
- SIEM
- Security Information and Event Management (SIEM)
- Threat Intelligence
- STIX/TAXII feed processor
- Server Log Management
- Event Log Monitoring
- File Integrity Monitoring
- Linux File Integrity Monitoring
- Threat Whitelisting
- Advanced Threat Analytics
- Security Log Management
- Log Forensics
- Incident Management System
- Application log management
- Real-Time Event Correlation
- Detecting Threats in Windows
- External Threat Mitigation
- Malwarebytes Threat Reports
- FireEye Threat Intelligence
- Linux Log Analyzer
- Network Device Monitoring
- Network Device Monitoring
- Router Log Auditing
- Cisco Logs Analyzer
- VPN log analyzer
- IDS/IPS log monitoring
- Solaris Device Auditing
- Monitoring user activity in routers
- Monitoring Router Traffic
- Switch Log Monitoring
- Arista Switch Log Monitoring
- Firewall Log Analyzer
- Firewall Traffic Monitoring
- Windows Firewall Auditing
- SonicWall Log Analyzer
- H3C Firewall Auditing
- Barracuda Device Auditing
- Palo Alto Networks Firewall Auditing
- Juniper Device Auditing
- Fortinet Device Auditing
- pfSense Firewall Log Analyzer
- NetScreen Log Analysis
- WatchGuard Traffic Monitoring
- Check Point Device Auditing
- Sophos Log Monitoring
- Huawei Device Monitoring
- HP Log Analysis
- F5 Logs Monitoring
- Fortinet log analyzer
- Endpoint Log Management
- System and User Monitoring Reports
- More Features
- Resources
- Product Info
- Related Products
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- DataSecurity Plus File server auditing & data discovery
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- RecoveryManager Plus Enterprise backup and recovery tool
- SharePoint Manager Plus SharePoint Reporting and Auditing
- AD360 Integrated Identity & Access Management
- AD Free Tools Active Directory FREE Tools
According to the Forbes, the number of hacking and intrusion incidents resulting in data breaches have increased, highlighting the importance of securing an organization's network. This often leads to IT administrators blacklisting essential data sources and a subsequent decrease in business productivity. To cater to the security needs of an organization without exposing the network to risks, administrators need to maintain a list of trustworthy sources.
Whitelisting refers to the concept of explicitly authorizing known, trusted entities. They may appear to be malicious but will generally be harmless.
EventLog Analyzer, a log management tool, allows you to customize the list of admissible entities or sources. The tool enables you to whitelist IP addresses, URLs, and domains. It collects log information and correlates it with the list of the whitelisted sources to ensure that alerts are not triggered needlessly.
For instance, global threat feeds often flag legitimate IP addresses that your enterprise uses as "malicious." EventLog Analyzer helps you whitelist such IPs, allowing them to bypass the security check. Further, it excludes whitelisted sources from threat alerts and external threat reports to help reduce the number of false positives, and simplify the threat management process.
Integration with Advanced Threat Analytics
EventLog Analyzer's Advanced Threat Analytics helps you identify malicious sources based on their reputation score. Threat whitelisting is integrated with Advanced Threat Analytics to reduce the number of false positives.
For instance, let's use an IP address with a reputation score of 80. This address has been flagged as malicious even though it's trustworthy to your organization. EventLog Analyzer comes with an option to whitelist sources on the spot when the notification is shown. You can even whitelist multiple sources in a single click.
By combining the wealth of information from the collected logs and the database of global threat feeds, EventLog Analyzer gives you the necessary information on IPs, URLs, and domains to identify seemingly malicious yet useful sources, and whitelist them.
