EventLog Analyzer Reports
EventLog Analyzer offers highly flexible custom reports. It provides a powerful set of canned reports. The reports can be scheduled using a new scheduler or an existing scheduler. The custom report profiles can be exported to XML files and can be imported to the same or different server.
Reports are displayed in the Reports tab of the UI. The reports can be scheduled as and when required, the event counts can be drilled down to get the raw logs, and filtered based on event severity
Description of reports
The custom reports created will be listed in this section. New reports can be added; existing report can be edited or deleted. Unscheduled reports can be scheduled
The top network activities can be viewed with these reports. The top hosts accessed by most number of users, top users with most logins both successful and failed, top login results like successful, failed etc., and event severity wise top hosts and top processes are displayed in these reports.
These reports present the overview of user activities and user wise activity. The overview report of user activities can be filtered for hosts. The user wise activity report can be filtered for hosts, users, and reports
The event severity, event category and alert trend reports are available in this section. Current and historical hourly and weekly trends are available. The report is displayed in both graph and table formats. The report is available for working and non-working hours. The report can be filtered for individual severity, category
The application reports display each application specific number of events. The applications are, MS IIS W3C Web Server, MS IIS W3C FTP Server, Apache Web Server, DHCP Windows Server, DHCP Linux Server, Print Server, MS SQL Database Server, and Oracle Database Server
The General Summary of host report displays the number of events of each type that have been generated by that host in the selected time period.
EventLog Analyzer considers events such as user logon/logoff, user account changes, and server-specific events as important events, and shows them under the Important Events tab. This simplifies troubleshooting to a great extent, because you don't have to sift through rows of log information to identify a critical event. Any event that may require more than a customary glance is shown under this tab.
All the events generated by the host, are classified by process (event type) and displayed under this tab. Drill down the event count of the process, to view the event details. The event summary shows the event log source (kernel, syslog, etc.) and the facility (daemon, syslog, etc.) along with the message (event description) and the event timestamp.
||Note: For Cisco devices, EventLog Analyzer supports reports for Important Events like: Access List Hits, Configuration Changes, ISDN Disconnects, Link State Changes, and System Restarts.