In addition to Windows event logs, EventLog Analyzer collects system logs (syslogs) from all network devices, such as routers, switches, Linux and Unix hosts, and many other syslog-supported devices. It analyzes these logs and generates reports from them. The syslogs are then archived, in the same way as the Windows event logs, for forensics and regulatory compliance needs.
EventLog Analyzer has a built-in syslog server. It collects syslog events in real time by listening on the syslog port (UDP). You can also configure more than one port to listen for syslog messages, which is useful when some of your devices send syslogs on a different port. Other log management applications may require a separate syslog server or forwarder.
EventLog Analyzer analyzes the syslogs and generates on-the-fly reports that network administrators use to monitor network activity and detect suspicious behavior (anomaly detection), and that provide auditors with compliance reports (SOX, HIPAA, PCI, etc.).
EventLog Analyzer also archives Syslogs from across platforms and heterogeneous devices. This makes it very versatile and best suited for enterprises which have multi-vendor hosts and devices.