Support
 
Support Get Quote
 
 
 
 

Unix Auditing and Reporting

Unix Auditing and Reporting

Unix systems are popular in many organizations, and auditing the syslogs of the Unix systems can provide important information on the events in your network. This information will help you decide on various administrative and security actions. Auditing Unix systems involves:

  • Monitoring all Unix system logons and logoffs.
  • Tracking all changes to user accounts and groups.
  • Staying aware of all instances when a removable device is plugged into or taken out of your network.
  • Tracking all sudo command executions.
  • Monitoring Unix mail and FTP servers for actions performed, errors, and more.
  • Learning of any potential security threats so you can preempt them.
  • Identifying all events occurring at each severity level, including critical events.
  • Tracking several other events such as session connections, NFS mounts, and more.

Auditing Unix systems gives you complete control over the security and management of your network. But, it is not that simple. You can instead use EventLog Analyzer, a comprehensive syslog management solution, to maintain a secure Unix system.

Auditing Unix Systems with EventLog Analyzer

  • Complete Unix log management and auditing.
  • Monitor Unix processes, user activity, mail servers, and more.
  • Over 100 predefined reports exclusively for Unix systems, including server errors, server usage, and security reports.
  • Customize, schedule, and export reports as needed and even define custom reports.
  • Reports are provided in graph, list, and table formats, and you can easily pull up the plain-text log information from any report entry.
  • Receive instant email or SMS notifications for all events you want to track in real time.
  • The correlation feature provides a device of customizable rules to alert you when specific events occur in sequence.
  • The logs are securely archived and easily searchable with the product-flexible log forensics feature.

Unix Logon and Logoff Reports

  • Track all logons and logoffs, including individual methods for logging on such as SU, SSH, and FTP logons.
  • Overview and top N reports summarize information and present the users and devices with the most frequent logon

Available Reports

User logons | SU logons | SSH logons | FTP or SFTP logons | Logon overview | Top logons based on user | Top logons based on device | Top logons based on remote device | Top Unix logon method | Logon trend | User logoffs | SU logoffs | SSH logoffs | FTP or SFTP logoffs | Logoff overview

Unix Failed Logon Reports

  • View a list of all failed logons.
  • Top N reports reveal the users whose logon attempts fail most frequently.
  • Identify users with multiple consecutive authentication failures.
  • Identify remote devices generating the highest number of failed logon attempts.

Available Reports

User failed logons | SU failed logons | SSH failed logons | FTP or SFTP failed logons | Failed logons overview | Top failed logons based on user | Top failed logons based on device | Top failed logons based on remote device | Top failed logon methods | Failed logon trends | Repeated authentication failures | Invalid user logon attempts | Unsuccessful logon failures with long password | Repeated logon failure based on remote device | Repeated authentication failures based on remote device

Unix User Account Management

  • Discover all user accounts and groups that have been added, removed, or renamed.
  • Identify failed password changes and newly added users.
  • Learn the user account management tasks that occur most frequently.

Available Reports

Added user accounts | Deleted user accounts | Renamed user accounts | Groups added | Groups deleted | Groups renamed | Password changes | Failed password changes | Failed user additions | Top Unix account management events

Unix removable disk auditing

  • Audit the use of removable devices on your Unix systems.
  • Learn the details of each time a removable device is plugged into or taken out of the network.

Available Reports

USB plugged in | USB taken out

Sudo commands

  • View details of all successful and failed sudo command executions.
  • Identify the most frequently attempted sudo commands.

Available Reports

SUDO command executions | Failed SUDO command executions | Top SUDO command executions | Top failed SUDO command executions

Unix mail server reports

  • Obtain an overview of the email server usage pattern and view the trends associated with emails sent and received.
  • Identify the users and remote devices sending and receiving the most email.
  • Discover the domains that send, receive, or reject the most email.
  • Track errors such as mailbox unavailable, insufficient storage, bad sequence of commands, and more.
  • Discover the errors that occur most frequently.

Available Reports

Emails sent overview | Emails received overview | Top emails sent based on sender | Top emails sent based on remote device | Top emails received from remote devices | Top sender domain | Top recipient domain | Trend report on emails sent | Trend report on emails received | Top emails rejected based on sender | Top receivers who rejected emails | Top email rejection errors | Top rejected domains | Emails rejected overview | Mailbox unavailable | Insufficient storage | Bad sequence of commands | Bad email Address | Nonexistent email address on remote side | Top email errors | Top email errors based on sender | Failed email deliveries

Unix Errors and Threats

  • Discover potential security concerns so you can proactively prevent them.
  • Identify errors that do not need corrected.

Available Reports

Reverse lookup errors | Bad deviceConfig errors | Bad ISP errors | Invalid connection remote device | Denial of service attack

Unix NFS Events

  • Obtain details for all successful and denied NFS mounts.
  • Identify the users and remote devices with the highest number of denied NFS mounts.

Available Reports

Successful NFS mounts | Refused NFS mounts | Denied NFS mounts based on users | Top successful NFS mounts based on remote device | Top refused NFS mounts based on remote device.

Unix other Events

  • Identify services that have been deactivated.
  • View details of sessions that have been connected and disconnected.
  • Stay aware of any timeouts during the logging process.
  • Track mismatched errors in device names or addresses.

Available Reports

Connection aborted by a software | Receive identification string | Session connected | Session disconnected | Deactivated services | Unsupported protocol version | Timeout while logging | Failed updates | deviceName mismatch error | deviceAddress mismatch error

Unix FTP Server Reports

  • Obtain details for all file downloads and uploads.
  • View details for timeouts that occur during logon, data transfer, idle sessions, and connections.
  • Identify users and remote devices who perform the highest number of FTP operations.

Available Reports

File downloads | File uploads | Data transfer stall timeouts | Logon timeouts | Session idle timeouts | No transfer timeouts | Connection timeouts | FTP reports overview | Top FTP operations based on user | Top FTP operations based on remote device

Unix System Events

  • Track important system events such as the stopping and restarting of syslog service, low disk space, and executions of the yum command.

Available Reports

Syslog service stopped | Syslog service restarted | Low disk space | System shutdown | Yum installs | Yum updates | Yum uninstalls

Unix Severity Reports

  • View events logged at each severity level, from emergency to debug.

Available Reports

Emergency events | Alert events | Critical events | Error events | Warning events | Notice events | Information events | Debug events

Unix Critical Reports

  • View critical events based on the event, device, or remote device responsible for generation.
  • A trend report is provided to uncover patterns in the occurrence of critical events.

Available Reports

Criticality level of events | Critical reports based on event | Critical events based on device | Critical events based on remote device | Critical event trends | Critical events overview

Explore over 125 built-in Unix reports and alerts now.

  • Please enter a business email id
  •  
  •  
    By clicking 'Get Your Free Trial', you agree to processing of personal data according to the Privacy Policy.

Thanks!

Your download is in progress and it will be completed in just a few seconds!
If you face any issues, download manually here

EventLog Analyzer Trusted By

Los Alamos National Bank Michigan State University
Panasonic Comcast
Oklahoma State University IBM
Accenture Bank of America
Infosys
Ernst Young

Customer Speaks

  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank

Awards and Recognitions

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
A Single Pane of Glass for Comprehensive Log Management