Feature Description |
ManageEngine EventLog Analyzer
Try now |
FortiAnalyzer-VM |
Log collection |
Agentless |
|
Not specified |
Agent-based |
|
Not specified |
Cross platform log collection |
|
|
Heterogeneous server/ device support |
|
Not specified |
Import logs |
|
|
Periodical import of logs |
|
|
Log filter |
|
|
Custom log parsing and indexing |
|
|
Log collection and processing rate |
20,000 logs/second with peak event handling capacity up to 25,000 logs/second. For Windows event logs the EPS is 2000 logs/second. |
Up to 10,000 logs/second |
Log formats supported |
Windows event log |
|
|
Syslog |
|
|
Any format – with custom log Parsing and indexing technology |
|
|
Amazon Web Services (AWS) EC2 Instance |
|
|
Application logs supported |
Proprietary applications [Microsoft IIS Web Server, FTP Server (W3C logs), Apache Web Server, DHCP Windows, DHCP Linux |
|
|
Database applications [Oracle Audit, MS SQL Server] |
|
|
Any in-house or custom application |
|
|
Other devices supported |
Custom devices [IBM AS400 (iSeries), VMware] |
|
|
Custom devices
- Firewalls
- Intrusion Detection System/ Intrusion Prevention System (IDS/IPS)
- Anti-virus application
- Mail and web application
- Vulnerability Scanners
- Unified threat management solutions
- Symantec DLP Application
- FireEye
- Symantec Endpoint Solution
|
|
|
Alerts and notifications |
Real-time alerts |
|
Not specified |
Notification – email and SMS. |
|
Email: Yes / SMS: No |
Run automated scripts as alert response |
|
|
Compliance alerts |
|
|
In-built incident management module |
|
|
Forward tickets to external help desk software |
ServiceDesk Plus, ServiceNow, Jira Service Desk, Zendesk, Kayako, and BMC Remedy Service Desk. |
Not specified |
Threat intelligence |
Real-time alerts for global blacklisted IPs intruding the network. |
|
|
Advanced threat analytics |
|
Not specified |
Reports |
File integrity monitoring |
|
|
Canned reports |
|
|
Custom reports |
|
|
Scheduled reports |
|
|
Report distribution via email |
|
|
Reports in PDF, CSV and HTML formats |
|
|
Drill down to raw logs |
|
|
Filter using mouse gesture |
|
Not specified |
Management specific reports (Ask ME) |
|
|
Trend reports |
|
|
Privileged user activity monitoring reports |
|
|
Log search |
Advanced search using Boolean, wildcards, grouped search, range search, phrase search |
|
|
Formatted log search |
|
|
Raw log search |
|
|
Save search result as report and as alerts |
|
Not specified |
Compliance reports |
Canned reports |
|
|
Customizing existing report |
|
|
Creating new compliance reports |
|
|
PCI-DSS |
|
|
HIPAA |
|
|
syslFISMA |
|
|
SOX |
|
|
GLBA |
|
|
ISO 27001 |
|
|
Real-time event correlation |
Event correlation |
|
|
Field-level filters to build correlation rules |
|
|
Pre-defined rules to detect various attacks, including ransomware, brute-force and more |
|
|
User session monitoring |
|
|
File Integrity Monitoring |
Reports on file integrity monitoring |
|
|
Report scheduling |
|
|
Real-time alerts when critical changes are made to files/folders that are being monitored |
|
|
Audit trail of file/folder changes |
|
|
Log archiving |
Flexible periodicity |
|
Not specified |
Flexible retention |
|
Not specified |
Secured (Encrypted) |
|
|
Service provider features |
User based views |
|
|
User based dashboards |
|
|
Rebranding |
|
|
User management |
Realm and user-based access |
|
|
Active Directory (AD)-based user authentication |
|
|
RADIUS server-based user authentication |
|
|
Other Key Features |
Incident workflows |
|
|
UEBA |
|
|
Risk assessment |
|
Not specified |
Implementation |
Easy to install |
|
|
Web-based client |
|
|
Appliance-based |
|
|
System requirements |
Bundled database (PostgreSQL/MySQL) |
|
|
Windows & Linux platforms support |
|
|
64-bit support |
|
|
Pricing |
Pricing basis |
Based on the number of servers, devices and applications. |
Based on GB/day of logs and storage capacity. |
Subscription model |
Annual basis |
Available |
Perpetual licensing model |
|
|