Support
 
Support Get Quote
 
 
 
 

WatchGuard traffic monitoring

WatchGuard traffic monitoring

EventLog Analyzer is a centralized, web-based tool that provides IT compliance and log management functionality for all WatchGuard security devices and virtual private networks (VPNs). The intuitive, easy-to-use interface offers administrators end-to-end log monitoring and management, agent and agent-less log collection methods, custom log parsing, complete log analysis with reports and alerts, a powerful log search engine, and flexible log archiving options.

EventLog Analyzer monitors and stores every new log, along with its timestamp, size, and WatchGuard device information. This makes it easy to load, analyze, and generate reports from archived logs.

Since EventLog analyzer is capable of handling heterogenous logs, it is possible to standardize WatchGuard logs along with other network device logs so they share a common format. This makes it easier to monitor and correlate logs from different devices to get a better understanding of the overall data flow through the network. All logs collected by WatchGuard devices, such as WatchGuard Firebox, can be archived regardless of their pre-defined interval. This way, you can create and load archived files into your database at any time.

WatchGuard Networks log monitoring reports

EventLog Analyzer has an extensive set of out-of-the-box reports exclusively for WatchGuard networks that are broadly classified into ten categories:

Allowed traffic reports

View all the connections that pass through your firewall into your network, and monitor traffic patterns and trends. 

Available Reports

Denied connection reports

View all the connections that have been denied access to your network, and monitor traffic patterns and trends as well.

Available Reports

Website traffic reports

Track allowed traffic, traffic trends, and monitor website traffic based on source, destination, protocol, and port.

Available Reports

Logon reports

Monitor all successful logons to your firewall, the hosts and users with the most logons, and logon trends.

Available Reports

Failed logon reports

Track all unsuccessful logons to your firewall, the hosts and users with the most failed logons, and failed logon trends. 

Available Reports

Firewall account management reports

Manage and monitor your firewall accounts by tracking account change information and identifying all new and deleted administrators.

Available Reports

Firewall policy management reports

Analyze changes made to firewall rules and network monitoring policies to get a head start on periodically cleaning up your firewall policies.

Available Reports

Firewall intrusion detection/prevention system (IDS/IPS) reports

Monitor vulnerabilities and identify the source and destination devices most frequently involved in attack attempts; view an attack trend report as well.

Available Reports

System event reports

Monitor system events such as WatchGuard firewall configuration changes, clock updates, system status changes, and services that failed to start.

Available Reports

Severity reports

Analyze WatchGuard device logs to get a clear picture of the events happening in your network based on their severity. Monitor all access points, security events based on severity (such as emergency, alert, or error), and warning events. 

Available Reports

You can add your own customizable reports in addition to the existing set of exhaustive reports. Schedule both existing reports and user-created reports to export them to PDF or CSV and automatically email them to stakeholders.

Some of the benefits of monitoring WatchGuard devices and VPNs with EventLog Analyzer include:

  • Secure and tamper-free log archiving.
  • Intuitive and user-friendly interface.
  • Powerful log forensics that enable robust searches.
  • Custom compliance reports to fulfill compliance standards.
  • Easily customizable report templates to meet internal policy needs.
  • Real-time email and SMS alerts on configuration changes and events of interest.

Network device monitoring with EventLog Analyzer

Customer Speaks
  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
     
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
     
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
     
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • I love the alerts feature of the product. We are able to send immediate alerts based on pretty much anything we can think of. We send alerts when certain accounts login, or when groups are changed, etc. That has been very helpful. Also the automatic archive of the log files has been very helpful and has taken the worry out of keeping old logs. The “Ask Me” function is very nice as well. It is great to have some natural language queries built in where you can just click a button and get an answer.
     
    Jim Earnshaw
    Senior Computer Specialist
    Department of Chemistry
    University of Washington
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
     
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank

EventLog Analyzer Trusted By

A Single Pane of Glass for Comprehensive Threat Management