Event Alerts

EventLog Analyzer keeps you informed about security events of interest with its alerting feature. The solution audit logs identifies indicators of compromise (IoCs) and notifies you via SMS or email as required.

The alerts are categorized on three severity levels: Attention, Trouble, and Critical. The severity level indicates the degree of importance associated with the alert. This helps you prioritize alerts and remediate them quickly.

EventLog Analyzer offers a powerful real-time event response system with which you can generate:

• Security event alerts including those for imported logs
• Compliance-specific event alerts.
• File integrity monitoring alerts for critical changes occurring in sensitive files/folders.

Predefined and custom alert profiles

EventLog Analyzer provides 1000+predefined alerting criteria that address a wide range of security use cases. You can also customize alert profiles based on your needs. With additional parameters such as the threshold and time range, you can specify the precise criteria for the alert to be triggered. This helps you be informed about any critical event that might affect your organization's security.

Remediation through alerts

You can also manage a security incident within the EventLog Analyzer console or by raising tickets in an external ticketing tool like ServiceDesk Plus, ServiceNow, Jira Service Desk, Zendesk, Kayako, and BMC Remedy Service Desk. This ensures accountability and helps build an effective event response system.

You can also designate a workflow for a triggered alert to automatically initiate responses such as disabling the affected Active Directory user account, shutting down a system, and killing a process.

The list of all alerts triggered can be viewed under the Alerts tab.