- Free Edition
- What's New?
- Key Highlights
- Suggested Reading
- All Capabilities
-
Log Management
- Event Log Management
- Syslog Management
- Log Collection
- Agent-less Log Collection
- Agent Based Log collection
- Windows Log Analysis
- Event Log Auditing
- Remote Log Management
- Cloud Log Management
- Security Log Management
- Server Log Management
- Linux Auditing and Reporting
- Auditing Syslog Devices
- Windows Registry Auditing
- Privileged User Activity Auditing
-
Application Log Management
- Application Log Monitoring
- Web Server Auditing
- Database Activity Monitoring
- Database Auditing
- IIS Log Analyzer
- Apache Log Analyzer
- SQL Database Auditing
- VMware Log Analyzer
- Hyper V Event Log Auditing
- MySQL Log Analyzer
- DHCP Server Auditing
- Oracle Database Auditing
- SQL Database Auditing
- IIS FTP Log Analyzer
- IIS Web Log Analyzer
- IIS Viewer
- IIS Log Parser
- Apache Log Viewer
- Apache Log Parser
- Oracle Database Auditing
-
IT Compliance Auditing
- ISO 27001 Compliance
- HIPAA Compliance
- PCI DSS Compliance
- SOX Compliance
- GDPR Compliance
- FISMA Compliance Audit
- GLBA Compliance Audit
- CCPA Compliance Audit
- Cyber Essentials Compliance Audit
- GPG Compliance Audit
- ISLP Compliance Audit
- FERPA Compliance Audit
- NERC Compliance Audit Reports
- PDPA Compliance Audit reports
- CMMC Compliance Audit
- Reports for New Regulatory Compliance
- Customizing Compliance Reports
-
Security Monitoring
- Threat Intelligence
- STIX/TAXII Feed Processor
- Threat Whitelisting
- Real-Time Event Correlation
- Log Forensics
- Incident Management System
- Automated Incident Response
- Linux File Integrity Monitoring
- Detecting Threats in Windows
- External Threat Mitigation
- Malwarebytes Threat Reports
- FireEye Threat Intelligence
- Application Log Management
- Security Information and Event Management (SIEM)
- Real-Time Event Alerts
- Privileged User Activity Auditing
-
Network Device Monitoring
- Network Device Monitoring
- Router Log Auditing
- Switch Log Monitoring
- Firewall Log Analyzer
- Cisco Logs Analyzer
- VPN Log Analyzer
- IDS/IPS Log Monitoring
- Solaris Device Auditing
- Monitoring User Activity in Routers
- Monitoring Router Traffic
- Arista Switch Log Monitoring
- Firewall Traffic Monitoring
- Windows Firewall Auditing
- SonicWall Log Analyzer
- H3C Firewall Auditing
- Barracuda Device Auditing
- Palo Alto Networks Firewall Auditing
- Juniper Device Auditing
- Fortinet Device Auditing
- pfSense Firewall Log Analyzer
- NetScreen Log Analysis
- WatchGuard Traffic Monitoring
- Check Point Device Auditing
- Sophos Log Monitoring
- Huawei Device Monitoring
- HP Log Analysis
- F5 Logs Monitoring
- Fortinet Log Analyzer
- Endpoint Log Management
- System and User Monitoring Reports
-
Log Management
- Product Resources
- Related Products
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- DataSecurity Plus File server auditing & data discovery
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- RecoveryManager Plus Enterprise backup and recovery tool
- SharePoint Manager Plus SharePoint Reporting and Auditing
- AD360 Integrated Identity & Access Management
- AD Free Tools Active Directory FREE Tools
What is CMMC compliance?
The Cybersecurity Maturity Model Certification (CMMC) is a framework developed by the U.S. Department of Defense (DoD) to enhance cybersecurity across the Defense Industrial Base (DIB). It mandates that DoD contractors and subcontractors implement cybersecurity controls to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
CMMC has three levels of certification, with increasing security requirements based on the sensitivity of the information handled. Compliance is mandatory for all DoD contractors, subcontractors, and vendors seeking to bid on or perform DoD contracts.
Related Content
- Compliance hub
- What is security compliance?
- What is a compliance audit?
- Risks of regulatory non-compliance
- Compliance management software
How does EventLog Analyzer fulfill CMMC requirements?
User activity monitoring
With EventLog Analyzer, you can monitor access to terminal servers, Windows workstations, Linux and Unix servers, network devices, and database servers, and get notified in real time when suspicious events are detected. You can also get detailed, out-of-the-box reports on user logon and logoff activities, privileges assigned to new logons, failed logons along with the cause of failure, usage of removable disks, tampering of sensitive data stored in databases, VPN logon activities, and more.
Network device monitoring
Detect security threats and get real-time notifications by auditing your network devices using EventLog Analyzer. It provides out-of-the-box support for firewalls, next-generation firewalls, intrusion detection systems, and intrusion prevention systems from leading vendors. Apart from monitoring allowed and denied traffic, logon activities, policy modifications, configuration changes, and more on your network devices, EventLog Analyzer also provides exhaustive information about it all in the form of intuitive, graphical reports to help you keep track of network activity.
Auditing database actions
Track access to confidential information stored in database servers using EventLog Analyzer. By collecting and analyzing logs from database servers such as Microsoft SQL servers, Oracle servers, and MySQL servers, EventLog Analyzer generates comprehensive reports that can help you monitor database activities such as logons, DDL and DML queries executed on the database, password modifications, permission changes, privilege escalations, role changes, and more. Get alerted instantly when any suspicious activity occurs in your database server.
Incident detection and response
EventLog Analyzer's end-to-end incident management system includes incident response workflows that can be used to automate quick responsive actions like disabling compromised accounts or terminating processes when a threat is detected in the organization network. Tickets can also be generated automatically when an alert is raised, and these tickets can be assigned to the appropriate security administrator for quick incident resolution. EventLog Analyzer's intuitive security incident dashboard can also help you keep track of the status of an incident from detection to resolution.
Be CMMC compliance ready with EventLog Analyzer
| CMMC sections | Description of requirement | Some of EventLog Analyzer's reports that can help fulfill the CMMC's requirements |
|---|---|---|
| C001 - AC.1.001
Limit information system access to authorized users, processes acting on behalf of authorized users or devices (including other information systems). |
Detailed Windows Logon Reports |
|
| Windows Logoff Reports |
|
|
| Windows Failed Logon Reports |
|
Other features offered by EventLog Analyzer
In-depth auditing and reporting
EventLog Analyzer includes over 1,000 predefined reports that are updated instantly upon log collection, helping you analyze your network efficiently in real time.
A powerful correlation engine
EventLog Analyzer's more than 30 predefined correlation rules can help you detect suspicious attack patterns in your organization network.
Augmented threat intelligence
EventLog Analyzer's built-in threat intelligence capabilities can detect and flag suspicious sources, such malicious domains, IPs, and URLs intruding in a network.
Integration with external ticketing systems
With EventLog Analyzer, you can integrate with third-party ticketing systems such as Jira Service Desk, Zendesk, and ServiceNow to assign tickets to security administrators and manage security incidents efficiently.
Frequently asked questions
- Level 1: Basic safeguarding of FCI with 15 security requirements from Federal Acquisition Regulation (FAR) 52.204-21.
- Level 2: Advanced protection of CUI with 110 controls from NIST SP 800-171 R2.
- Level 3: Enhanced security against APTs with 24 additional requirements from NIST SP 800-172.
CMMC implementation begins 60 days after the publication of the final Title 48 CFR CMMC acquisition rule. A phased rollout over three years will gradually include CMMC requirements in DoD contracts.
Yes, all DoD contractors and subcontractors that handle FCI or CUI must achieve and maintain the required CMMC level to bid on or perform DoD contracts.
- Level 1: Annual self-assessment.
- Level 2: Self-assessment or C3PAO assessment every three years.
- Level 3: DIBCAC assessment every three years.
