Windows Event Log Reports

Exhaustive Ready-to-Run Reports That Meet All Your Security and Compliance Needs

EventLog Analyzer's comprehensive reporting console provides you with 1000+ on-the-fly reports that help you effortlessly meet your enterprise's security and compliance goals. The automated reports are thoroughly categorized for ease of access and come with intuitive drill-down graphs that help you better analyze your network infrastructure.

The reporting console provides different levels of data with its

With the reporting console you can

User Activity Monitoring

  • Logon/Logoff Reports

    Monitor user logon and logoff activities across your network devices, including Windows & Unix systems, Domain Controllers, VMware, Terminal Server Gateways, AS 400, network devices, database servers and more. With the real-time predefined reports, get comprehensive details such as

    • number of user initiated logon/logoffs
    • remote interactive logon/logoffs
    • logon attempts using explicit credentials

    The reporting console also provides you with the logon/logoff trend report and the top logon/logoff report based on users/hosts/remote hosts/domain, with intuitive graphs that give you better visibility into your user activities.

  • Reports on Logon Failure

    Simplify your analysis of pre-authentication failures and logon/logoff failure events, and get better visibility into your confidential data access and authentication system with the exhaustive reports of EventLog Analyzer. The solution provides you with a set of reports on the reasons for logon failures on your Windows infrastructure, such as reports for

    • Failed logons due to bad password
    • Logon failures due to bad/invalid username
    • Failed logons due to account disabled
    • Logon failures due to account lockouts/password expiry/account expiration
    • Logon failures that happened during non-working hours

    EventLog Analyzer also provides reports on the reasons for logon failures in your AS400 environment.

Security Auditing

  • Preventing Internal Data Loss

    Prevent business-sensitive data from leaving your corporate walls with effective removable disk and print server auditing. Get to know which user accesses a USB device, on which machine and when, with exhaustive removable disk auditing reports. The top events report in removable disk auditing provides details about the top users/hosts that experience a high rate of data transfer. Get to know

    • When the USB device is plugged in
    • Which files/folders are being copied to the USB device
    • What files are being created on the removable disk
    • From which machine the files are being copied and by whom

    Print Server Auditing

    With print server auditing, get detailed information on what documents are being printed by users, who prints documents with insufficient privileges, and more. Monitor your printer activity over a period of time with trend reports from EventLog Analyzer. Get to know in real time

    • What documents are being printed
    • Which documents are being printed with insufficient privileges
    • Documents that are moved/resumed/paused/deleted from being printed

  • Database Auditing

    Monitor database activities and privileged users' database actions with detailed SQL and Oracle database auditing reports. EventLog Analyzer also provides reports for database server account management. Get to know when a database role or user is created or deleted. The reports also provide information on database credential changes and failed password changes.

    Get your Oracle and SQL DDL and DML activities audited with EventLog Analyzer's out-of-the-box reports. EventLog Analyzer also provides reports for

    • Database Server startup & shutdown
    • Logon events and Failed logon events of Oracle & SQL Servers
    • Database backup and restoration
    • Created/dropped server roles
    • Server audit specification creation/deletion and modification and more.

  • Server Infrastructure monitoring

    Combat security threats and unauthorized access to critical data on your server by auditing activities on the server with EventLog Analyzer's reports. The solution helps you to monitor and audit the activities happening on Terminal Server, DHCP Windows/Linux Server, IIS FTP Server, IIS and Apache Web Servers.

    • Audit Terminal Server Gateway, IIS FTP Server, IIS and Apache Webserver logons
    • Get information on session duration, bytes transferred and received via the Terminal Server Gateway
    • Get to know the Top users, clients and resources who participate in Terminal Server communication
    • Audit FTP Server operations such as File uploads, downloads, deletions, Password changes, and more
    • Get details on bad requests, request timeouts, and other errors that occurred on Apache and IIS web servers with the Error Reports.

    EventLog Analyzer also provides out-of-the-box reports that help you monitor DNS and AD DNS Servers. Get ready-to-run reports for activities such as

    • DNS Server Errors from Active Directory
    • Failed DNS Server DS Record Loads
    • Failed DNS Server Zone Transfer
    • Refused DNS Server Zone Transfer and more

  • System Auditing

    Monitor and get reports for activities happening on Windows workstations, IBM AS400 systems, and network devices such as routers, firewalls, and switches.

    • Track Windows processes and registry changes
    • Get to know the details of successful and failed Windows backups and restores
    • Get details on router traffic, configurations, accepted connections and more
    • Track AS400 system events. Get to know when a
      • User profile changes
      • Object is deleted
      • Job is changed
      • Ownership is changed and more

    EventLog Analyzer also provides reports that help you check the status of applications running in your environment. It provides detailed reports on application crashes that help identify the cause of a crash and thus shorten the troubleshooting cycle. Get to know the

    • Application errors
    • When does your application hang and why
    • Occurrence of Blue Screen of Death (BSoD) and more

Account Management

  • User Account Management

    EventLog Analyzer's user account management reports help you track and audit all user management actions. With these reports, get to know who created a suspicious privileged account, who is misusing privileged rights to modify user account passwords, and more.

    EventLog Analyzer provides real-time reports for user management actions such as

    • User account creation/deletion/modification
    • User account password changes & resets
    • Failed password changes & resets
    • User account lockouts
    • Unlocked user accounts
    • User account's expiry changes
    • User account's logon workstation changes

  • System Account Management

    Track computer account management and group management, and prevent internal security threats with EventLog Analyzer's account management reports. These automated reports not only help you audit your Active Directory at regular intervals but also allow you to review your account management policies, thus preventing data loss due to internal security breaches. The reports provide detailed information on

    • Security Group/Distribution Group life cycle
    • Members added/removed from the Security Group & Distribution group
    • Computer account life cycle
    • Network devices account management and more

  • Change Management

    Track and audit your group policy and OU changes with the out-of-the-box reports of EventLog Analyzer. Prevent internal security threats at the earliest by detecting misuse of privileged access. Get to know who changed the group policy settings or who created an unauthorized OU/user account with EventLog Analyzer's Change Management reports. With these reports, get to know

    • When a user right is assigned/removed and by whom
    • When, where and who created/deleted/modified OU and GPOs
    • Audit policy (SACL) on Object Changes
    • Authentication policy changes
    • Domain policy changes and more.

    EventLog Analyzer also provides reports that give detailed information on registry changes, such as when a registry was created/deleted/modified/accessed, failed registry creation/modification/deletion and more.

Threat Detection

  • Identify and Analyze security threats

    Analyze attack patterns and mitigate future security attacks by constantly monitoring the state of your network perimeter devices for threat indicators. With the detailed attack reports of EventLog Analyzer, perform forensic analysis on security attacks, which helps in sealing the security loopholes in your network. EventLog Analyzer provides reports on

    • DoS Attacks
    • Downgrade Attacks
    • Replay Attacks
    • Terminal Server Attacks
    • DoS Attack Entered in defensive mode
    • Subsided DoS Attacks and more

  • Mitigating Firewall Threats

    Identify attack attempts on your firewall device with EventLog Analyzer's Firewall Threat reports. These reports provide exhaustive information. The solution provides detailed reports for

    • Spoof Attack
    • Internet Protocol half-scan Attack
    • Flood Attack
    • Ping of death Attack
    • SYN Attack

  • Prevent Database Security Threats

    Get the complete trail of attacks on your databases with EventLog Analyzer's database security reports. These reports provide complete information on database attacks such as

    • SQL Server/Oracle SQL Injection events
    • SQL Server/Oracle Denial of Service

    EventLog Analyzer also helps in proactively mitigating database security threats by providing detailed information on the initial stages of attack attempts. It provides reports for Oracle/SQL Server account lockouts and privilege abuse, which help in mitigating the threat at the earliest.

  • Track unauthorized applications running in your environment

    Limit security attacks on your network by preventing the use of unauthorized applications. Enable and monitor application whitelisting, and thereby allow only a specific set of applications to run in your environment. Quickly view the applications that are allowed/denied to run in your environment with EventLog Analyzer's application whitelisting reports. These reports allow you to constantly monitor and revise your application whitelisting policies, thus helping you perform daily definition updates with ease. With these reports, get detailed information such as

    • Applications that are allowed/not allowed to run
    • Applications that are not allowed to run due to enforced rules
    • Software that is restricted from accessing programs, and more

File Integrity Monitoring

  • Monitor who accesses your confidential business data in real time with EventLog Analyzer's File Integrity Monitoring reports. EventLog Analyzer also provides top-level reports based on users/hosts/file type for the critical file operations. These reports provide information on critical file operations such as

    • File/folder deletion
    • Confidential data modification
    • File creation
    • Access to critical data
    • File permission changes
    • Failed file creation, modification, deletion and more

Customer Speaks
 
"Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application."
Jim Lloyd
Information Systems Manager
First Mountain Bank