EventLog Analyzer alerts
The primary purpose of auditing network logs is to discover events of interest, whether they provide general information or call for further investigation. EventLog Analyzer sifts through volumes of log data and presents the information in simple, intuitive reports. However, it is practically impossible to manually keep up with the reports throughout the day, as they are constantly updated with the latest log data. EventLog Analyzer solves this problem with its real-time alerts feature. With this feature, you can:
- Get real-time notifications through email or SMS when any event of interest occurs
- Assign a program to be run upon alert generation.
- Categorize alerts into three priorities: high, medium, and low.
- Configure which hosts, or host groups, are to be monitored for the events.
- Provide additional parameters such as the specific users or domains that you want to trigger alerts.
- Specify how many times, and within how many minutes, an event should occur for the alert to be triggered.
- Choose from over 500 predefined alert criteria or define custom alerts.
- Be alerted for any compliance policy specific events.
- Receive alerts for custom correlations, such as when the correlation of two or more events calls for further investigation.
Predefined alert profiles
- EventLog Analyzer includes over 500 predefined alert criteria for Windows, Unix, applications, network devices, threats, and vulnerability scanners.
- Predefined alert profiles eliminate the need to create alerts for the most common events, saving the administrator time and energy.
Custom alert profiles
- Build custom alert profiles by defining all criteria from scratch, tailoring to your specific needs.
- Provide basic and advanced options.
Compliance alert profiles
- Compliance alerts are automatically triggered in case of any compliance policy -specific events.
- Include or exclude the events that pertain to your environment.
Correlation triggered alerts
- EventLog Analyzer allows correlations to be made between two or more events.
- Create custom correlation rules by combining EventLog Analyzer's 70+ predefined rules.