Meet SIEM Needs with EventLog Analyzer
EventLog Analyzer is the most cost-effective Security Information and Event Management (SIEM) solution available in the market. EventLog Analyzer meets all critical SIEM capabilities such as log aggregation from heterogeneous sources, log forensics, event correlation, real-time alerting, file integrity monitoring, log analysis, user activity monitoring, object access auditing, compliance reporting, and log retention.
"Provides solid SIEM functionality at a reasonable cost"
- SC Magazine
EventLog Analyzer is recognized in 2017 Gartner Magic Quadrant for SIEM. View Report
EventLog Analyzer SIEM Capabilities
EventLog Analyzer aggregates logs from heterogeneous sources (Windows systems, Unix/Linux systems, Applications, Databases, Routers, Switches and other Syslog devices) at a central place. EventLog Analyzer using its Universal Log Parsing and Indexing (ULPI)
technology allows you to decipher any log data regardless of the source & log format.
EventLog Analyzer makes forensic investigation very easy by allowing you to use its powerful log search
functionality to search on both the raw and formatted logs and instantly generate forensic reports based on the search results.
EventLog Analyzer enables network administrators to search the raw logs to pinpoint the exact log entry which caused the security activity, find the exact time at which the corresponding security event had happened, who initiated the activity and also, the location from where the activity originated.
Correlation of events and production of alerts in real-time allows network administrators to proactively keep their network secure from threats. With EventLog Analyzer you can configure rules and scripts to correlate events based on threshold conditions or anomalous events and notify in real-time for any threshold violations or network anomalies.
EventLog Analyzer’s powerful correlation engine comes bundled with over 70 out-of-the-box correlation rules that cover user access, user logins, file integrity, user creation, group policies, unintended software installations and more
EventLog Analyzer facilitates real time file integrity monitoring (FIM) by protecting sensitive data and meeting compliance requirements. With EventLog Analyzer's file integrity monitoring capability, security professionals can now centrally track all changes happening to their files and folders such as when files and folders are created, accessed, viewed, deleted, modified, renamed and much more.
EventLog Analyzer performs log analysis in real-time and displays the analyzed log data into easy to understand charts, graphs and reports. Users can easily drill down through log data shown on the dashboard to get more insights and do a root cause analysis within minutes. The solution also provides real-time alerts based on the latest threat intelligence from STIX/TAXII threat feeds
Exhaustive reports are provided for user monitoring by EventLog Analyzer. This enables tracking suspicious behavior of users including privileged administrative users (PUMA)
You get precise information of user access such as which user performed the action, what was the result of the action, on which server it happened and track down the user workstation from where the action was triggered.
EventLog Analyzer lets you know what actually happened to your files and folders - who accessed them, deleted them, edited them, moved them, where the files and folders went, etc. EventLog Analyzer provides object access reports in user friendly formats (PDF and CSV) and sends alerts when your sensitive files / folders are accessed by unauthorized people in real-time via sms or email.
You get precise information of object access such as which user performed the action, what was the result of the action, on which server it happened and track down the user workstation/network device from where the action was triggered.
Compliance is the core of SIEM and with EventLog Analyzer organizations can meet regulatory compliance requirements by monitoring and analyzing log data from all the network devices and applications. EventLog Analyzer allows you to generate pre-defined/canned compliance reports such as PCI DSS
EventLog Analyzer retains historical log data to meet compliance requirements, for conducting log forensic investigation and internal audits. All retained log data is hashed & time-stamped to make it tamper-proof. EventLog Analyzer retains all machine generated logs - system logs, device logs & application logs to a centralized repository.