EventLog Analyzer alerts
The primary purpose of auditing network logs is to discover events of interest, whether they provide general information or call for further investigation. EventLog Analyzer sifts through volumes of log data and presents the information in simple, intuitive reports. However, it is practically impossible to manually keep up with the reports throughout the day, as they are constantly updated with the latest log data. EventLog Analyzer solves this problem with its real-time alerts feature. With this feature, you can:
- Get real-time notifications through email or SMS when any event of interest occurs
- Assign a program to be run upon alert generation.
- Categorize alerts into three priorities: high, medium, and low.
- Configure which device, or device groups, are to be monitored for the events.
- Provide additional parameters such as the specific users or domains that you want to trigger alerts.
- Specify how many times, and within how many minutes, an event should occur for the alert to be triggered.
- Choose from over 500 predefined alert criteria or define custom alerts.
- Be alerted for any compliance policy specific events.
- Receive alerts for custom correlations, such as when the correlation of two or more events calls for further investigation.
Predefined alert profiles
- EventLog Analyzer includes over 500 predefined alert criteria for Windows, Unix, applications, network devices, threats, and vulnerability scanners.
- Predefined alert profiles eliminate the need to create alerts for the most common events, saving the administrator time and energy.
Custom alert profiles
- Build custom alert profiles by defining all criteria from scratch, tailoring to your specific needs.
- Provide basic and advanced options.
Compliance alert profiles
- Compliance alerts are automatically triggered in case of any compliance policy -specific events.
- Include or exclude the events that pertain to your environment.
Correlation triggered alerts
- EventLog Analyzer allows correlations to be made between two or more events.
- Create rules for custom correlation alerts combining events from your routers, firewalls, servers, and other devices. These custom correlation alerts are highly accurate, as all events are validated with those from other devices.
EventLog Analyzer offers log management, file integrity monitoring, and real-time event correlation capabilities in a single console that help meeting SIEM needs, combat security attacks, and prevent data breaches.
Comply with the stringent requirements of regulatory mandates viz., PCI DSS, FISMA, HIPAA, and more with predefined reports & alerts. Customize existing reports or build new reports to meet internal security needs.
Monitor critical changes to confidential files/folders with real-time alerts. Get detailed information such as 'who made the change, what was changed, when and from where' with predefined reports.
Get 1000+ predefined reports for Windows, Unix/Linux, applications, & network devices environment that help to meet security, auditing, & compliance needs. Build custom reports for specific needs at ease.
Centrally manage collect, analyze, correlate, and archive log data from sources across the network. Get predefined reports and real-time alerts that help meeting the security, compliance, and operational needs.
Perform in-depth forensic analysis to backtrack attacks and identify the root cause of incidents. Save search queries as alert profile to mitigate future threats.
Need Features? Tell Us
If you want to see additional features implemented in EventLog Analyzer, we would love to hear. Click here to continue