Release notes

Build 10060

Released on 29 May 2015

Standalone Edition

 New features

Supports vulnerability data analytics
  • EventLog Analyzer 10.6 supports log collection and analysis of vulnerability scanners such as Nessus, Qualys, NMAP, and OpenVAS. It provides 50+ predefined reports and alert conditions exclusively for vulnerability data analytics that help prioritize the vulnerabilities and thus help to proactively mitigate security attacks.
Supports threat intelligence solutions' log data
  • The latest version of EventLog Analyzer supports log data analysis of endpoint security solutions such as FireEye, Symantec Endpoint solution, and Symantec DLP application. The solution provides predefined reports and alert criteria that help identify and contain security threats at the earliest.
vCenter log monitoring
  • EventLog Analyzer 10.6 supports vCenter log monitoring. It provides on-the-fly reports and alert conditions that help monitor vCenter activities such as Datastore changes, permission changes, host changes, Resourcepool changes and more.
Supports GPG13 compliance
  • EventLog Analyzer now provides out-of-the-box reports and alerts that help HMG organizations comply with GPG13.

 Enhancements

  • Added a new rule to parse shun attacks.

 Fixes

  • Fixed the issue of Database folder increase due to improper cleaning of throwaway tables.
  • Fixed Firefox Unix icon display issue.
  • Fixed the issue associated with Universal Log Parsing and Indexing (ULPI) for user specified logs.
  • Fixed the parsing issue with IBM AS400.
  • Issues related to juli log growth and serverout growth have been fixed.
  • Removed the weak cipher suite 'Ephemeral DH ciphers' from the secure connection.
  • Fixed the time order issue on trend reports.
  • Fixed the false disk space alert with remote desktop connection.
  • Issue related to RunQuery.do has been fixed.

Distributed Edition

 Enhancements

  • Managed Server contains all the features of EventLog Analyzer Standalone Edition Version 10.7 Build 10070
  • No changes specific to Distributed Edition Admin Server in this release

Build 10000

Released on 23 Jan 2015

Standalone Edition

 New features

  • Log collection and processing rate has been improved to 10x from the previous mark. EventLog Analyzer version 10 and above can handle 20,000 logs per second, with a peak log handling capacity of 25,000 logs per second.
  • 1000+ out-of-the-box reports for security, compliance and operations needs
  • Enhanced real-time event response system with 600+ predefined alert criteria for Windows, Linux/Unix, Applications and Network Device environment.

 Enhancements

File Integrity Monitoring
  • Ability to filter critical changes to files/folders based on the file type
  • Ability to display the process name and domain name in file integrity monitoring reports
  • Option to enable and disable File Integrity Monitoring
  • Addition of more default templates
  • Ability to save/edit alert and report enhancement with option to select User Name & Change Type
  • Ability to drill down the file integrity monitoring report graph
  • File attribute changes and ownership changes are now being captured under critical file/folder changes
Search
  • Ability to save the search results as alerts
  • Inclusion of auto suggestions for field values
  • Sorting of the index data for improved search performance
Correlation
  • Custom correlation rule builder that allows creating pattern-based alerting by selecting the existing correlation rules
  • Ability to specify the threshold limits for each rule in the defined pattern.
Session Activity Changes
  • Added Duration and Log off time fields at 'Session Activity' page
  • Ability to search through the session activity reports
  • Session activity reports can now be saved

 Fixes

  • Fix to the AD authentication issue that occurred while importing users from AD groups.
  • Fix to the search pagination issue
  • Vulnerability fixes
    • URL Injection
    • Authentication problems
    • Database injection
    • Stored password encryption changes
    • Agent zip extraction
  • Fix to the User based and iSeries User based Reports that broke while exporting with no user name in the database
  • Fix to the PDF export issue that occurred after mouse-hover search from Custom Reports, where all the events were exported instead of the filtered events.
  • Fix to the Event ID based direct export that broke when the severity parameter is not appended in the URL
  • Custom alert 'Not Equals' was not working for option 'Type'. This issue was fixed.

Distributed Edition

 Enhancements

  • Managed Server contains all the features of EventLog Analyzer Standalone Edition Version 10.0 Build 10000
  • No changes specific to Distributed Edition Admin Server in this release

Build 9000

Released on 23 Apr 2014

Standalone Edition

 New features

  • Real-time Event Correlation
    • Real-time correlation for proactive threat management
    • 50+ out-of-the-box correlation rules on various categories viz., File Management, Group Management, Authentication, Authorization, Audit Policy, Software Management and more
  • Out-of-the-box reports for ISO 27001:2013 Standards
  • Supports Terminal Server Log Analysis out-of-the-box
  • Supports EventLog Analyzer user audit trail

 Enhancements

  • File Integrity Monitoring
    • File Integrity Monitoring reports now include the name of the user who made the change
    • Modified File Integrity Monitoring Report page
  • Field Extraction for SFTP application log import is now added
  • Archive encryption using AES 256 algorithm is now supported
  • Supports EventLog Analyzer user audit trail
  • Reports Enhancements
    • Performance of Report Extraction in PDF and CSV format is enhanced
    • Summary details for User Based Reports is now included
  • Adding Hosts
    • Supports import of host list from a CSV file
    • Existing hosts that are added will be automatically hidden from the Pick List Window
  • Customize Notification settings
    • Supports sending notification only once and pausing the notification for a day/week/month

 Fixes

The following issues have been fixed in this release:

  • Predefined compliance alert profile creation can now include the Windows 2008 type event IDs
  • EventLog Analyzer version 9.0 can now handle the string '\' in the Log message fields of reports, alerts and filters
  • Issue with the resetpwd.bat file in troubleshooting folder is fixed
  • Out of memory error during log import is fixed
  • 'Notes' field in the Custom Report Creation wizard now has the character limit of 250
  • Issue with the specification of multiple log messages separated by a comma, in report creation wizard is fixed
  • Issue with the working of Radius Authentication is fixed
  • Supports syslog import with 'Automatically Identify' option
  • Issue in log import schedule for a multiline log is now fixed
  • Issue in archive purging of Postgres database is fixed
  • 'Advanced Alert' option in 'Custom Alert Profile' creation page
    • Supports specification of multiple Event IDs separated by a comma
    • Supports alert criteria edit even if the criteria is specified within double quotes
  • Issue with updating the SQL information in the ChangeDBServer.bat file when the password contains '$' is fixed
  • Specific Scheduled AD User import issue is fixed

Distributed Edition

 Enhancements

GA release of EventLog Analyzer Distributed Edition.

  • Managed Server contains all the features of EventLog Analyzer Standalone Edition Version 9.0 Build 9000
  • No changes specific to Distributed Edition Admin Server in this release