IT Compliance and SIEM Log Management Software

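ManageEngine EventLog Analyzer is a comprehensive security information and event management (SIEM) solution that automates log management, log collection, analysis, event correlation, file integrity monitoring, log search and archiving, meeting compliance and SIEM needs from a single console.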

EventLog Analyzer helps security administrators in the following areas:

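  • Real-time event correlation

    EventLog Analyzer's powerful correlation engine efficiently identifies defined attack patterns in your logs. Its correlation module provides more than 20 predefined correlation rules to help detect possible threats, along with an easy-to-use rule builder containing a categorized list of network actions that you can drag and drop to change their order as needed.

    EventLog Analyzer also provides a detailed report for each attack pattern, an overview report of all discovered threats, and a log timeline for each identified attack pattern.

  • Compliance reports

    EventLog Analyzer monitors your network data in real time and lets you generate predefined compliance reports such as PCI DSS, FISMA, GLBA, SOX, HIPAA, ISO 27001, GDPR and more. The solution helps organizations retain log data for a custom period. Flexible log archival periods help administrators perform forensic analysis and meet compliance audit requirements.

  • Universal log collection

    EventLog Analyzer collects logs from heterogeneous sources, including Windows servers and workstations, Linux and Unix systems, network devices, applications, threat intelligence solutions and vulnerability scanners. In addition, EventLog Analyzer's custom log parser can interpret log data from any source and in any log format.

  • File integrity monitoring

    EventLog Analyzer tracks all changes and sends real-time alerts when files and folders are created, accessed, viewed, deleted, modified or renamed. You get complete audit reports that answer the "who, when, where and what" of every file and folder change.

  • Log forensics

    Collected logs are automatically encrypted, time-stamped and archived in a centralized repository. EventLog Analyzer lets you drill down into raw log data, perform root cause analysis, and find the exact log entry that caused a security incident.

  • Real-time alerts

    EventLog Analyzer offers more than 500 predefined alerts to choose from, with no need to configure alert profiles, improving operational efficiency. When a network anomaly occurs, you receive SMS and email alerts in real time. In addition, the alerting mechanism can run a custom script when an alert is triggered.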

Customer Speaks
  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
     
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing I like about the application is the well-structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
     
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
     
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • I love the alerts feature of the product. We are able to send immediate alerts based on pretty much anything we can think of. We send alerts when certain accounts log in, or when groups are changed, etc. That has been very helpful. Also the automatic archive of the log files has been very helpful and has taken the worry out of keeping old logs. The “Ask Me” function is very nice as well. It is great to have some natural language queries built in where you can just click a button and get an answer.
     
    Jim Earnshaw
    Senior Computer Specialist
    Department of Chemistry
    University of Washington
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
     
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank

EventLog Analyzer is trusted by

Los Alamos National Bank
Michigan State University
Oklahoma State University
IBM
Infosys
Ernst Young
Accenture
Bank of America
Panasonic
Comcast