- Free Edition
- What's New?
- Key Highlights
- Suggested Reading
- All Capabilities
-
Log Management
- Event Log Management
- Syslog Management
- Log Collection
- Agent-less Log Collection
- Agent Based Log collection
- Windows Log Analysis
- Event Log Auditing
- Remote Log Management
- Cloud Log Management
- Security Log Management
- Server Log Management
- Linux Auditing and Reporting
- Auditing Syslog Devices
- Windows Registry Auditing
- Privileged User Activity Auditing
-
Application Log Management
- Application Log Monitoring
- Web Server Auditing
- Database Activity Monitoring
- Database Auditing
- IIS Log Analyzer
- Apache Log Analyzer
- SQL Database Auditing
- VMware Log Analyzer
- Hyper V Event Log Auditing
- MySQL Log Analyzer
- DHCP Server Auditing
- Oracle Database Auditing
- SQL Database Auditing
- IIS FTP Log Analyzer
- IIS Web Log Analyzer
- IIS Viewer
- IIS Log Parser
- Apache Log Viewer
- Apache Log Parser
- Oracle Database Auditing
-
IT Compliance Auditing
- ISO 27001 Compliance
- HIPAA Compliance
- PCI DSS Compliance
- SOX Compliance
- GDPR Compliance
- FISMA Compliance Audit
- GLBA Compliance Audit
- CCPA Compliance Audit
- Cyber Essentials Compliance Audit
- GPG Compliance Audit
- ISLP Compliance Audit
- FERPA Compliance Audit
- NERC Compliance Audit Reports
- PDPA Compliance Audit reports
- CMMC Compliance Audit
- Reports for New Regulatory Compliance
- Customizing Compliance Reports
-
Security Monitoring
- Threat Intelligence
- STIX/TAXII Feed Processor
- Threat Whitelisting
- Real-Time Event Correlation
- Log Forensics
- Incident Management System
- Automated Incident Response
- Linux File Integrity Monitoring
- Detecting Threats in Windows
- External Threat Mitigation
- Malwarebytes Threat Reports
- FireEye Threat Intelligence
- Application Log Management
- Security Information and Event Management (SIEM)
- Real-Time Event Alerts
- Privileged User Activity Auditing
-
Network Device Monitoring
- Network Device Monitoring
- Router Log Auditing
- Switch Log Monitoring
- Firewall Log Analyzer
- Cisco Logs Analyzer
- VPN Log Analyzer
- IDS/IPS Log Monitoring
- Solaris Device Auditing
- Monitoring User Activity in Routers
- Monitoring Router Traffic
- Arista Switch Log Monitoring
- Firewall Traffic Monitoring
- Windows Firewall Auditing
- SonicWall Log Analyzer
- H3C Firewall Auditing
- Barracuda Device Auditing
- Palo Alto Networks Firewall Auditing
- Juniper Device Auditing
- Fortinet Device Auditing
- pfSense Firewall Log Analyzer
- NetScreen Log Analysis
- WatchGuard Traffic Monitoring
- Check Point Device Auditing
- Sophos Log Monitoring
- Huawei Device Monitoring
- HP Log Analysis
- F5 Logs Monitoring
- Fortinet Log Analyzer
- Endpoint Log Management
- System and User Monitoring Reports
-
Log Management
- Product Resources
- Related Products
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- DataSecurity Plus File server auditing & data discovery
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- RecoveryManager Plus Enterprise backup and recovery tool
- SharePoint Manager Plus SharePoint Reporting and Auditing
- AD360 Integrated Identity & Access Management
- AD Free Tools Active Directory FREE Tools
Each day, Sophos firewall generate huge amounts of syslog data, which can be incredibly difficult to monitor all on your own. With EventLog Analyzer, you can archive syslogs to meet compliance mandates as well as conduct thorough forensic investigation to gain valuable insights should anything go wrong, such as a network intrusion.
EventLog Analyzer sifts through your logs for you, allowing you to keep tabs on the critical events occurring in your network. Quickly run predefined reports for all your Sophos firewalls, along with reports for other network device vendors as well. Associate each report with real-time alerts to instantly detect and mitigate security threats.
In addition to reports and real-time alerts, you can use the log search function in EventLog analyzer to backtrack through security incidents for a thorough forensic investigation. With all of these features, you can stay in the loop so you'll know about all network activities in real time, giving you full control over your Sophos firewall logs.
EventLog Analyzer's out-of-the-box Sophos network security device monitoring reports.
Logon monitoring reports: These reports list all the successful logons to the firewall as well as the hosts and users with the highest number of logons to help you identify trends in logon patterns.
Failed logon monitoring reports: Similar to successful logon reports, these reports list all failed logon attempts to the firewall as well as the hosts and users with the highest number of failed logons; you'll also be able to view a report identifying the trends in failed logon patterns.
Reports on allowed traffic: These reports detail all the connections that pass through the firewall into the network so you can more easily identify traffic patterns and trends.
Reports on denied connections: Similar to allowed traffic reports, these reports detail all the connections that are denied access to the network, providing you with traffic patterns and trends as well.
IDS/IPS reports: These reports not only list possible and critical attacks, but they identify the source and destination devices most frequently involved in attack attempts as well. You can also view an attack trend report.
Severity monitoring reports: These reports classify log information by severity and are useful for accessing all events (including emergency, error, critical, alert, warning, notice, information, and debug) in a single click.
Key features of EventLog Analyzer:
- A user-friendly interface with an intuitive dashboard.
- Over 60 out-of-the-box reports for Sophos firewalls that aid in security and compliance auditing.
- Easily customizable report templates to meet internal policy needs.
- Custom compliance reports to fulfill growing compliance standards.
- Real-time email and SMS alerts on configuration changes and events of interest.
- Powerful log forensic analysis with a high-speed log search engine that uses various search algorithms, including Boolean, range, wild card, group searches, and more.
