Top and Trend Reports


 

‚ÄčThe Top and Trend Reports section in the Reports tab lists the top devices, users, and processes generating important events. You can click the View All link to view all the reports in this section in a single page.

 

Top N Reports
 
Trend Reports

Trend reports let you analyze the performance of devices based on specific metrics, over a period of time. Trend monitoring helps in historical analysis of the performance of the Windows and UNIX devices on your network. 

You can monitor trends of events generated across devices, based on event severity, event type or alerts triggered. Trend reports in EventLog Analyzer show a comparison of the current and historical trends. Hourly and weekly trend reports are available. The trend reports are available for both working and non-working hours.

 

Note: Look at 'Configure Working Hours' to know more about configuring working hours.

 

Beneath each graph, the Show Details link displays tabular information corresponding to the graph.

 

Top N Reports

Top Devices by User Access

This report shows the top 'N' number of devices with maximum number of successful logins and the top 'N' number of devices with maximum number of failed login attempts.

While the former is useful in tracking usage trends of devices, the latter is important in analyzing which devices are subject to the most number of security breaches. 

You can use this report to decide if security policies need to be changed with respect to certain devices, or tighten security measures across the network.

 

Top Users by Login

This report shows the top 'N' number of users with maximum number of successful logins, and the top 'N' number of users with maximum number of failed login attempts.


 

This report shows you users with frequent login attempts, the devices which they access, and the times of access. Successful and failed attempts are both shown, hence you can use this report to identify errant users on the network, and set up security policies to track such users.

 

Top Interactive Login

This report shows the users with maximum number of successful interactive logins, and the users with maximum number of failed interactive login attempts.

 

This report shows you users with frequent interactive login attempts, the devices which they access, and the times of access. Successful and failed attempts are both shown, hence you can use this report to identify errant users on the network, and set up security policies to track such users.

 

Top Devices by Event Severity

This report sorts event logs received from all devices by severity, and shows the devices with maximum number of logs of each event severity. At one glance, you can see which devices have been generating a higher number of critical events, warning events, and so on. By default, the devices generating maximum number of events of all severities is shown. Use the View Severity drop-down to select an event severity of your choice.

 

You can use this report to quickly identify the devices that may be experiencing problems, thereby accelerating the troubleshooting process.

 

Note: Some event severities are applicable only to Unix devices.


Top Processes by Event Severity

This report sorts event logs received from all processes (across all devices) by severity, and shows the processes with maximum number of logs of each event severity. At one glance, you can see which processes have been generating a higher number of critical events, warning events, and so on. By default, the processes generating maximum number of events of all severities is shown. Use the View Severity drop-down to select an event severity of your choice.

 

You can use this report to identify the processes with problems, investigate suspicious behavior of critical devices, determine if there has been a worm or virus attack in the network, and also see which devices have been affected, thereby reducing network downtime.

 

Trend Reports

 

Event Severity Trend Reports

This trend report lets you see how events of all severities have been generated across device groups. Current and Historical Trends are shown on an hourly and daily basis. You can choose from the ten severity levels in the View Severity box, or see trends of all severities.

 

Event Type/Category Trend Reports

This trend report lets you see trends of events generated, based on event type - Application, System, or Security. You can choose the type from the View Type box, or see trends of all event types. Current and Historical Trends are shown on an hourly and daily basis.

 

Alerts Trend Reports

This trend report shows you current and historical trends of alerts triggered on an hourly, as well as daily basis.

Get download link