EventLog Analyzer offers over a thousand prebuilt reports, available in the Reports tab of the UI. The reports can be scheduled as required.
Carry out the following configurations in the Windows devices to allow generation of the prebuilt reports:
Add the following to the Windows Registry:
| Reports | New keys |
| Program Inventory Reports | Microsoft-Windows-Application-Experience/Program-Inventory |
| Application Whitelisting Reports | Microsoft-Windows-AppLocker/EXE and DLL Microsoft-Windows-AppLocker/MSI and Script |
| Windows Backup & Restore Reports | Microsoft-Windows-Backup |
| Windows Firewall Auditing Reports | Microsoft-Windows-Windows Firewall With Advanced Security/Firewall |
| USB Plugged in & out | Microsoft-Windows-DriverFrameworks-UserMode/Operational |
| Windows System Events | Microsoft-Windows-GroupPolicy/Operational Microsoft-Windows-NetworkProfile/Operational Microsoft-Windows-WindowsUpdateClient/Operational Microsoft-Windows-Winlogon/Operational Microsoft-Windows-WLAN-AutoConfig/Operational Microsoft-Windows-TerminalServices-Gateway/Operational Microsoft-Windows-TerminalServices-RDPClient/Operational Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational Microsoft-Windows-Wired-AutoConfig/Operational |
|
Hyper-V Server Events Hyper-V VM Management Reports |
Microsoft-Windows-Hyper-V-Worker-Admin Microsoft-Windows-Hyper-V-VMMS-Storage Microsoft-Windows-Hyper-V-VMMS-Networking Microsoft-Windows-Hyper-V-VMMS-Admin Microsoft-Windows-Hyper-V-Hypervisor-Operational |
To enable Firewall Auditing Security logs in Event Viewer.