What is in this guide
Introduction
- Overview
- Release Notes
- Introduction
Setup the Product
- Setup
- System Requirements
- Install and Uninstall
- Prerequisites
- Start and Shutdown
- Connect to Server
- Database Backup
- License Details
Get Started
- Get Started
- Add Devices
- Import Application Logs
- Monitor AWS EC2 Windows Instance Logs
- Enable IBM iSeries (AS/400) Audit Logs
User Interface
- Tabs
- Customize Dashboard Views
EventLog Analyzer Reports
- EventLog Analyzer Reports
- Configuring out-of-the-box reports
- Managing Predefined Reports
- Managing Report Views
- Reports for Networking Devices
- Reports for Windows Environment
- Reports for Unix Environment
- Reports for Applications
- Top and Trend Reports
- User - based Reports
- Favourite Reports
- Reports for vCenter
- Reports for HP Switches
- Reports for Arista Devices
- Reports for Barracuda Devices
- Reports for CheckPoint Devices
- Reports for Cisco Firepower Devices
- Reports for Fortinet Devices
- Reports for Huawei Devices
- Reports for Juniper Devices
- Reports for Malwarebytes Devices
- Reports for Meraki Devices
- Reports for NetScreen Devices
- Reports for Palo Alto Devices
- Reports for pfSense Devices
- Reports for SonicWall Devices
- Reports for Sophos Devices
- Reports for WatchGuard Devices
- Reports for F5 Devices
- Create Custom Reports
- Schedule Reports
- Create IBM iSeries (AS/400) custom reports
Threat Intelligence Data Analytics
- Threat Intelligence Data Analytics
Vulnerability Data Analytics
- Vulnerability Data Analytics
- Vulnerability reports
Real-time Event Correlation
- Real-time Event Correlation
- Understanding Correlation
- Correlation Reports
- Creating Custom Correlation Rules
- Managing Correlation Rules
- Activity Reports
- Configuring External Applications
Compliance Reports
- Compliance Reports
- FISMA Compliance Reports
- PCI DSS Compliance Reports
- SOX Compliance Reports
- HIPAA Compliance Reports
- GLBA Compliance Reports
- GPG13 Compliance Reports
- Cyber Essentials Reports
- ISO 27001:2013 Compliance Reports
- ISLP Compliance Reports
- NRC Compliance Reports
- GDPR Compliance Reports
- Create New Compliance Reports
- CoCo Compliance Reports
- NERC Compliance Reports
- CCPA Compliance
Search Logs
- Search Logs
- How to Search Logs
- How to Extract New Fields
- Tagging Tool
Alerts
- Alerts
- Create Alert Profile
- View Log Alerts
- Incident Workflow Management
- API documentation
- Installation instruction
- Snippets
- API FAQs
Configurations
- Configurations
- Device Management
- Import Logs
- Manage Applications
- File Integrity Monitoring
- Manage FIM Templates
- Manage Threat Source
- Threat Management
- Advanced Threat Analytics
- Manage Vulnerability Data
- Device Group Management
- Manage vCenter
- Log Forwarder
Admin Settings
- Admin Settings
- Agent Administration
- Archive
- Technicians and Roles
- Logon Settings
- Log360 Cloud
- Domains and Workgroups
- Working Hour Settings
- Product Settings
- DB Retention Settings
- Log Collection Filter
- Log Collection Alerts
- Report Profiles
- Resource Grouping
- Custom Log Parser
- Tags
- Dashboard Profiles
System Settings
- System Settings
- Notification Settings
- Manage Account TFA
- NT Service
- Connection Settings
- Re-branding
- Server Diagnostics
- Database Access
- Reset Log Collector
- Log Level Settings
- Port Management
Help, Questions, and Tips
- Troubleshooting Tips
- Frequently Asked Questions
- EventLog Analyzer Help
Additional Utilities
- Additional Utilities
- Working with SSL
- Configure Microsoft SQL Database
- Migrate data from PostgreSQL to Microsoft SQL database
- Migrate data from MySQL to Microsoft SQL database
- Move Database to Different Directory in the Same Machine
- Move Installation to Another Machine
- Migrate Indexes to Latest Version
Distributed Edition
- Introduction to Distributed Edition
- Converting to Admin Server
- Converting to Managed Server
- Frequently Asked Questions
Technical Support
- Technical Support
- EventLog Analyzer Support - Create SIF offline
- EventLog Analyzer Technical Support - Contact

View Log Alerts

The Alerts tab lists details of all alerts triggered (if you have not set up any alert profiles, the tab directs you to do so). You can view the timestamp of the alert, the device which triggered it, the severity, the status of the alert, and the message.

Filtering Alert Profiles

On the left pane you can select the appropriate filter option to view:

All Alerts: All alerts generated by the network.
My Alerts: Alerts assigned to the logged in user.
Assigned Alerts: All alerts that have been assigned an owner.
Unassigned Alerts: All alerts yet to be assigned an owner.
Critical Alerts: All high priority alerts.
Profile Based Alerts: Alerts from a specific alert profile.
Correlation Alert Profiles: Alerts from a specific correlation rule.

Alert Configurations

The left pane also gives you access to the following alert configuration options:

Manage alert profile: The manage alert profile page allows you to add/delete, edit and update notification settings, enable/disable, export/import the various alert profiles.
Add alert: Add a new alert profile.
Manage incident configuration: Configure an external help desk software (ServiceDesk Plus, ServiceNow, Jira Service Desk, Zendesk, Kayako, and BMC Remedy Service Desk) to forward alerts to.
Assign rules: Create and prioritize rules to automatically assign incoming alerts to an owner, based on the device/device group which generates the alert.

Get download link