
    Overview


    EventLog Analyzer is a web-based, real-time log monitoring and compliance management solution for Security Information and Event Management (SIEM) that improves internal network security and helps you comply with the latest IT audit requirements. Using an agent-less architecture, EventLog Analyzer can collect, analyze, search, report on, and archive an extensive array of machine-generated logs received from systems (Windows, Linux, UNIX, etc.), network devices (routers, switches, etc.), and applications (Oracle, Apache, etc.), and then provides important insights into network user activities, policy violations, network anomalies, system downtime, and internal threats. It is used by network administrators and IT managers to perform network system audits and generate regulatory compliance reports for SOX, HIPAA, PCI DSS, GLBA, etc.

    You can use EventLog Analyzer to:

    • Monitor network activities of servers, workstations, devices, and applications spread across geographies
    • Monitor user activities like user logons/logoffs, failed logons, objects accessed, etc…
    • Generate reports for top network events, user activities, and network event trends
    • Generate compliance reports for PCI-DSS, HIPAA, FISMA, SOX, GLBA and other regulatory acts
    • Perform log forensics by searching across any log format and save the search results as reports
    • Configure automatic alert notification through email or SMS for specific events, network anomalies and compliance threshold violations
    • Execute custom scripts or programs on alert generation to automatically remediate the security issue
    • Create custom IT reports to address internal security audit
    • Create custom compliance reports for IT Auditors
    • Schedule reports for auto generation and distribution
    • Archive log data in a tamper-proof and secure form for forensic analysis and compliance audits

     

    Get log data from machines and applications

    ManageEngine EventLog Analyzer collects, analyzes, searches, reports on, and archives event logs from distributed Windows hosts; syslogs from Linux/UNIX hosts, routers, switches, and other syslog devices; and application logs from IIS Web/FTP servers, print servers, MS SQL Server, Oracle Database Server, and DHCP Windows/Linux servers. For real-time Windows event log collection, DCOM, WMI, and RPC have to be enabled on the remote Windows machine for the logs to be collected by EventLog Analyzer. For real-time syslog collection, ensure that the syslog listener ports in EventLog Analyzer are configured to listen on the port on which the syslog or syslog-ng service is running on that particular machine (Cisco device, UNIX, HP-UX, Solaris, or IBM AIX). For application logs, EventLog Analyzer can be scheduled to import logs (over HTTP or FTP) periodically from the application hosts. You can also import and analyze older logs from Windows and Linux machines.

     

    Search any log data and extract new fields to extend search

    EventLog Analyzer provides a powerful ‘universal log search’ engine for all types of machine-generated logs. Universal log search is made possible by the ‘field extraction’ procedure, in which you define/extract new fields from your log data in addition to the set of default fields that EventLog Analyzer automatically parses and indexes. Once a new field has been ‘extracted’, EventLog Analyzer automatically parses and indexes that field in the logs it receives subsequently; this drastically improves your search performance and helps EventLog Analyzer handle any kind of log format.

     

    Get IT audit reports generated to assess the network security and comply with regulatory acts
    EventLog Analyzer provides a set of canned reports addressing important aspects of internal security. The reports are top N reports about network events, network user activity, network audit (compliance), and network activity trends. The software has the flexibility to create an unlimited number of custom reports to address your IT department’s complex requirements. Over and above the set of canned reports for SOX, HIPAA, GLBA, FISMA and PCI, EventLog Analyzer also allows you to create customized reports for other compliance requirements like ISO27001/2, Federal Deposit Insurance Corporation (FDIC) Audit Requirements, etc. With this software you can schedule periodic report generation and distribute the reports to various users in different formats.

     

    Real-time event correlation, instant alert notification and quick remediation
    EventLog Analyzer comes with another versatile feature: real-time event correlation and instant alert notifications. You can configure alerts to correlate events based on threshold conditions or anomalous events and to notify you in real time of any threshold violations or network anomalies. You can get instant notification via email and SMS. You can also execute a custom script or program upon alert generation and take quick remedial action to secure your network assets.

     

    EventLog Analyzer Trusted By

    • Los Alamos National Bank
    • Michigan State University
    • Panasonic
    • Comcast
    • Oklahoma State University
    • IBM
    • Accenture
    • Bank of America
    • Infosys
    • Ernst & Young

    Customer Speaks

    • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
      Benjamin Shumaker
      Vice President of IT / ISO
      Credit Union of Denver
    • The best thing I like about the application is the well-structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
      Joseph Graziano, MCSE CCA VCP
      Senior Network Engineer
      Citadel
    • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
      Joseph E. Veretto
      Operations Review Specialist
      Office of Information System
      Florida Department of Transportation
    • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
      Jim Lloyd
      Information Systems Manager
      First Mountain Bank

    A Single Pane of Glass for Comprehensive Log Management