EventLog Analyzer offers highly flexible custom reports. It provides a powerful set of canned reports. The reports are displayed in the Reports tab of the UI. The event counts shown in the reports can be drilled down to get the raw logs. The logs can be filtered based on various log fields.
The reports can be scheduled as and when required. The custom report profiles can be exported to XML files and can be imported to the same or different EventLog Analyzer server machine.
Description of reports
The custom reports created will be listed in this section. New reports can be added; existing report can be edited or deleted. Unscheduled reports can be scheduled
The top network activities can be viewed with these reports. The top hosts accessed by most number of users, top users with most logins both successful and failed, top login results like successful, failed etc., and event severity wise top hosts and top processes are displayed in these reports.
These reports present the overview of user activities and user based activity. The overview report of user activities gives the snapahot of most important activities of the all the users involved. It can be filtered for hosts. The user wise activity report gives the details of all the activities of individual users. It can be filtered for hosts, users, and reports
The event severity, event category and alert trend reports are available in this section. Current and historical hourly and weekly trends are available.
- Reports are displayed in both graph and table formats.
- Reports can be configured for working and non-working hours.
- Reports can be filtered for individual severity and category
The application reports display specific number of events for each application. The applications are, MS IIS W3C Web Server, MS IIS W3C FTP Server, Apache Web Server, DHCP Windows Server, DHCP Linux Server, Print Server, IBM Maximo Server, MS SQL Database Server, and Oracle Database Server
The detailed host reports display the number of events of each type that have been generated by that host in a selected time period.
EventLog Analyzer considers events such as user logon/logoff, user account changes, and server-specific events as important events, and shows them under the Important Events tab. This simplifies troubleshooting to a great extent, because you don't have to sift through rows of log information to identify a critical event. Any event that may require more than a customary glance is shown under this tab.
All the events generated by the host, are classified by process (event type) and displayed under this tab. Drill down the event count of the process, to view the event details. The event summary shows the event log source (kernel, syslog, etc.) and the facility (daemon, syslog, etc.) along with the message (event description) and the event timestamp.
||Note: For Cisco devices, EventLog Analyzer supports reports for Important Events like: Access List Hits, Configuration Changes, ISDN Disconnects, Link State Changes, and System Restarts.