SIEM

Meet SIEM Needs with EventLog Analyzer

EventLog Analyzer is the most cost-effective Security Information and Event Management (SIEM) solution available in the market. EventLog Analyzer meets all critical SIEM capabilities such as log aggregation from heterogeneous sources, log analysis, compliance reporting, file integrity monitoring, user activity monitoring, object access auditing, event correlation, real-time alerting, log forensics, and log retention.

"Provides solid SIEM functionality at a reasonable cost"
- SC Magazine
EventLog Analyzer is recognized in the 2016 Gartner Magic Quadrant for SIEM.

EventLog Analyzer SIEM Capabilities

Log Data Aggregation
EventLog Analyzer aggregates logs from heterogeneous sources (Windows systems, Unix/Linux systems, applications, databases, routers, switches and other syslog devices) in a central place. Using its Universal Log Parsing and Indexing (ULPI) technology, EventLog Analyzer lets you decipher log data regardless of the source and log format.
Log Forensics
EventLog Analyzer simplifies forensic investigation: its log search works on both raw and formatted logs, and forensic reports can be generated directly from the search results.
Network administrators can search the raw logs to pinpoint the exact log entry behind a security event, the exact time at which it happened, which account initiated the activity, and the location from which it originated.
Event Correlation and Alerting
Correlating events and raising alerts in real time lets network administrators proactively keep their network secure from threats. With EventLog Analyzer you can configure rules and scripts that correlate events based on threshold conditions or anomalous events, and that notify you in real time of any threshold violations or network anomalies.
EventLog Analyzer's correlation engine comes bundled with over 70 out-of-the-box correlation rules covering user access, user logins, file integrity, user creation, group policies, unintended software installations and more.
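To make the two rule types described above concrete, here is an added example (not code from EventLog Analyzer or its vendor) of how a minimal correlation engine evaluates a threshold rule and a sequence rule over constructed log lines. The line layout (timestamp, host, event type, account), the event names and the thresholds are assumptions chosen for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (not from the original page). The layout
# "<ISO timestamp> <host> <event type> <account>" is an assumption for this example.
SAMPLE_LOGS = """\
2024-03-01T09:00:01 host1 LOGON_FAILURE alice
2024-03-01T09:00:03 host1 LOGON_FAILURE alice
2024-03-01T09:00:05 host1 LOGON_FAILURE alice
2024-03-01T09:00:07 host1 LOGON_FAILURE alice
2024-03-01T09:00:09 host1 LOGON_FAILURE alice
2024-03-01T09:00:12 host1 LOGON_SUCCESS alice
2024-03-01T09:05:00 host2 LOGON_FAILURE bob
2024-03-01T09:20:00 host2 LOGON_FAILURE bob
2024-03-01T09:30:00 dc1 USER_CREATED svc_tmp
2024-03-01T09:30:40 dc1 GROUP_MEMBER_ADDED svc_tmp
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+)$")


def parse(raw):
    """Turn raw lines into event dicts; lines that do not match the layout are skipped."""
    events = []
    for line in raw.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, host, etype, user = m.groups()
        events.append({"ts": datetime.fromisoformat(ts), "host": host,
                       "type": etype, "user": user})
    return events


def threshold_rule(events, etype, threshold, window):
    """Alert once per account when `threshold` events of `etype` fall inside `window`."""
    alerts = []
    recent = defaultdict(deque)  # account -> timestamps still inside the window
    fired = set()
    for ev in events:
        if ev["type"] != etype:
            continue
        q = recent[ev["user"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:  # slide the window forward
            q.popleft()
        if len(q) >= threshold and ev["user"] not in fired:
            alerts.append({"rule": f"{etype} x{threshold} within {window}",
                           "user": ev["user"], "at": ev["ts"]})
            fired.add(ev["user"])
    return alerts


def sequence_rule(events, first, second, window):
    """Alert when `second` follows `first` for the same account within `window`."""
    alerts = []
    pending = {}  # account -> time of the `first` event awaiting a `second`
    for ev in events:
        if ev["type"] == first:
            pending[ev["user"]] = ev["ts"]
        elif ev["type"] == second and ev["user"] in pending:
            if ev["ts"] - pending[ev["user"]] <= window:
                alerts.append({"rule": f"{first} -> {second}",
                               "user": ev["user"], "at": ev["ts"]})
            del pending[ev["user"]]
    return alerts


def correlate(raw):
    """Run both rules over the raw log text and return the alerts in event order."""
    events = parse(raw)
    alerts = threshold_rule(events, "LOGON_FAILURE", 5, timedelta(minutes=1))
    alerts += sequence_rule(events, "USER_CREATED", "GROUP_MEMBER_ADDED",
                            timedelta(minutes=5))
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS):
        print(alert)
```

On the sample data the threshold rule fires for `alice` (five failures in nine seconds) but not for `bob` (two failures fifteen minutes apart), and the sequence rule fires for `svc_tmp`, whose account creation is followed by a group membership change within the window. Real engines also de-duplicate across hosts, expire pending state, and enrich alerts with the matching raw lines; the point here is the windowed counting and ordered matching that threshold and sequence rules rest on.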
File Integrity Monitoring
EventLog Analyzer provides real-time file integrity monitoring (FIM) to help protect sensitive data and meet compliance requirements. With its FIM capability, security professionals can centrally track every change to their files and folders, including when files and folders are created, accessed, viewed, deleted, modified or renamed.
Log Analysis
EventLog Analyzer performs log analysis in real time and presents the analyzed data as easy-to-understand charts, graphs and reports. Users can drill down through the log data shown on the dashboard to gain more insight and complete a root cause analysis within minutes.
User Monitoring
EventLog Analyzer provides exhaustive user monitoring reports, which make it possible to track suspicious behavior by users, including privileged administrative users (PUMA).
You get precise information about user access: which user performed the action, what the result was, on which server it happened, and the user workstation from which the action was triggered.
Object Access Auditing
EventLog Analyzer shows what actually happened to your files and folders: who accessed, deleted, edited or moved them, and where they went. It provides object access reports in user-friendly formats (PDF and CSV) and sends real-time alerts via SMS or email when sensitive files or folders are accessed by unauthorized people.
You get precise information about object access: which user performed the action, what the result was, on which server it happened, and the user workstation or network device from which the action was triggered.
Compliance Reports
Compliance is at the core of SIEM, and with EventLog Analyzer organizations can meet regulatory requirements by monitoring and analyzing log data from all their network devices and applications. EventLog Analyzer generates predefined (canned) compliance reports for PCI DSS, FISMA, GLBA, SOX, HIPAA and other regulations.
EventLog Analyzer also lets you customize the existing compliance reports and build new ones, so that future regulatory acts can be covered as they emerge. Case study: read how TRA generated an ISO 27001 compliance report to meet their compliance requirements.
Log Data Retention
EventLog Analyzer retains historical log data to meet compliance requirements and to support log forensic investigations and internal audits. All retained log data is hashed and time-stamped so that tampering can be detected. EventLog Analyzer retains all machine-generated logs (system logs, device logs and application logs) in a centralized repository.
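The hashing and time-stamping of retained logs mentioned above is easiest to understand as a hash chain: each archived record's digest covers the previous record's digest, its archive time and its raw content, so altering, reordering or deleting any record invalidates every digest after it. The following is an added illustration, not EventLog Analyzer's own implementation; the record layout, the use of SHA-256 over a JSON encoding, and the sample lines and timestamps are assumptions constructed for the example.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # assumed starting value for the first record's "previous hash"

# Constructed sample archive contents (not from the original page).
SAMPLE_LINES = [
    "2024-03-01T09:00:01 host1 LOGON_FAILURE alice",
    "2024-03-01T09:00:03 host1 LOGON_FAILURE alice",
    "2024-03-01T09:00:12 host1 LOGON_SUCCESS alice",
    "2024-03-01T09:30:00 dc1 USER_CREATED svc_tmp",
]
# Constructed archive timestamps, one per line, assigned when each record is stored.
SAMPLE_STAMPS = [
    "2024-03-01T09:01:00+00:00",
    "2024-03-01T09:01:00+00:00",
    "2024-03-01T09:01:01+00:00",
    "2024-03-01T09:31:00+00:00",
]


def record_hash(prev_hash, stamp, line):
    """SHA-256 over the previous hash, the archive time and the raw line.

    Encoding the three fields as a JSON array gives an unambiguous byte string, so
    no combination of fields can be rearranged to produce the same digest.
    """
    data = json.dumps([prev_hash, stamp, line], separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


def archive(lines, stamps):
    """Store lines as chained records: each hash depends on the record before it."""
    records = []
    prev = GENESIS
    for line, stamp in zip(lines, stamps):
        h = record_hash(prev, stamp, line)
        records.append({"stamp": stamp, "line": line, "hash": h})
        prev = h
    return records


def verify(records):
    """Recompute the chain. Returns (True, None) if intact, else (False, index of
    the first record whose stored hash no longer matches)."""
    prev = GENESIS
    for i, rec in enumerate(records):
        if record_hash(prev, rec["stamp"], rec["line"]) != rec["hash"]:
            return False, i
        prev = rec["hash"]
    return True, None


def tamper_demo():
    """Show that editing one archived line is caught at exactly that record."""
    records = archive(SAMPLE_LINES, SAMPLE_STAMPS)
    ok_before, _ = verify(records)
    tampered = copy.deepcopy(records)
    tampered[1]["line"] = tampered[1]["line"].replace("FAILURE", "SUCCESS")
    ok_after, first_bad = verify(tampered)
    return ok_before, ok_after, first_bad


def deletion_demo():
    """Show that silently removing a middle record breaks the chain at the gap."""
    records = archive(SAMPLE_LINES, SAMPLE_STAMPS)
    del records[1]
    return verify(records)


if __name__ == "__main__":
    print("edit detected:", tamper_demo())      # (True, False, 1)
    print("deletion detected:", deletion_demo())  # (False, 1)
```

Note what this does and does not give you: an attacker who can rewrite the whole chain can recompute every hash, so the final digest (or a periodic checkpoint of it) has to be anchored somewhere the log store cannot alter, for example signed and written to separate media or a trusted time-stamping service. The chain makes tampering detectable; the external anchor is what makes the detection trustworthy.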
Other features

Log management

Centrally collect, analyze, correlate, and archive log data from sources across the network. Get predefined reports and real-time alerts that help meet security, compliance, and operational needs.

IT compliance management

Comply with the stringent requirements of regulatory mandates viz., PCI DSS, FISMA, HIPAA, and more with predefined reports & alerts. Customize existing reports or build new reports to meet internal security needs.

File integrity monitoring

Monitor critical changes to confidential files/folders with real-time alerts. Get detailed information such as 'who made the change, what was changed, when and from where' with predefined reports.

Log collection

Centrally collect log data from Windows servers or workstations, Linux/Unix servers, network devices (routers, switches, and firewalls), and applications using agentless or agent-based methods.

Log analysis

Analyze log data from sources across the network. Detect anomalies, track critical security events, and monitor user behaviors with predefined reports, intuitive dashboards, and instant alerts.

Log forensics

Perform in-depth forensic analysis to backtrack attacks and identify the root cause of incidents. Save search queries as alert profiles to catch the same activity in future.


Customer Speaks
  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
     
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing I like about the application is the well-structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
     
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
     
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • I love the alerts feature of the product. We are able to send immediate alerts based on pretty much anything we can think of. We send alerts when certain accounts login, or when groups are changed, etc. That has been very helpful. Also the automatic archive of the log files has been very helpful and has taken the worry out of keeping old logs. The “Ask Me” function is very nice as well. It is great to have some natural language queries built in where you can just click a button and get an answer.
     
    Jim Earnshaw
    Senior Computer Specialist
    Department of Chemistry
    University of Washington
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
     
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank
