Device Summary

Overview:

The Device Summary is EventLog Analyzer's analytical console for viewing a device's overall summary events and contextual data. It shows the machine summary and event summary for the selected period, top active users, file monitoring events, device severity events, and the alerts summary.

Access:

Users can access the Device Summary from multiple dashboards of EventLog Analyzer such as Reports, Log Source, Alerts, Incidents and others.

Note:
  • Guest role members have no access to Device Summary.
  • Refer to the Technician and Roles page to customize configurations.

From Log Sources page:

From Reports:

From Compliance:

From Correlation:

From Log Source Configuration page:

From Log Search:

From Alerts:

From Incidents:

Analysis

Along with the device summary, users can also access the activity overview for the configured web servers, databases, endpoint security solutions, and vulnerability scanners.

IIS Overview

FireEye Overview

OpenVas Overview

Device Summary usage:

  1. Device list dropdown: Click on the dropdown option and select from the list of devices to analyze.
  2. Switching between devices: Click on the arrows to proceed to the previous device or next device.
  3. User activity details: Click on specific users in the Top 5 Currently Active Users section to view the Interactive Sessions History with domain details, session details, and events history.

Click on Details in the Interactive Sessions History popup to view the individual Event Details containing Event ID, Process Name, Domain details, and Access Rights.

Copyright © 2020, ZOHO Corp. All Rights Reserved.
