- Free Edition
- What's New?
- Key Highlights
- Suggested Reading
- All Capabilities
-
Log Management
- Event Log Management
- Syslog Management
- Log Collection
- Agent-less Log Collection
- Agent Based Log collection
- Windows Log Analysis
- Event Log Auditing
- Remote Log Management
- Cloud Log Management
- Security Log Management
- Server Log Management
- Linux Auditing and Reporting
- Auditing Syslog Devices
- Windows Registry Auditing
- Privileged User Activity Auditing
-
Application Log Management
- Application Log Monitoring
- Web Server Auditing
- Database Activity Monitoring
- Database Auditing
- IIS Log Analyzer
- Apache Log Analyzer
- SQL Database Auditing
- VMware Log Analyzer
- Hyper V Event Log Auditing
- MySQL Log Analyzer
- DHCP Server Auditing
- Oracle Database Auditing
- SQL Database Auditing
- IIS FTP Log Analyzer
- IIS Web Log Analyzer
- IIS Viewer
- IIS Log Parser
- Apache Log Viewer
- Apache Log Parser
- Oracle Database Auditing
-
IT Compliance Auditing
- ISO 27001 Compliance
- HIPAA Compliance
- PCI DSS Compliance
- SOX Compliance
- GDPR Compliance
- FISMA Compliance Audit
- GLBA Compliance Audit
- CCPA Compliance Audit
- Cyber Essentials Compliance Audit
- GPG Compliance Audit
- ISLP Compliance Audit
- FERPA Compliance Audit
- NERC Compliance Audit Reports
- PDPA Compliance Audit reports
- CMMC Compliance Audit
- Reports for New Regulatory Compliance
- Customizing Compliance Reports
-
Security Monitoring
- Threat Intelligence
- STIX/TAXII Feed Processor
- Threat Whitelisting
- Real-Time Event Correlation
- Log Forensics
- Incident Management System
- Automated Incident Response
- Linux File Integrity Monitoring
- Detecting Threats in Windows
- External Threat Mitigation
- Malwarebytes Threat Reports
- FireEye Threat Intelligence
- Application Log Management
- Security Information and Event Management (SIEM)
- Real-Time Event Alerts
- Privileged User Activity Auditing
-
Network Device Monitoring
- Network Device Monitoring
- Router Log Auditing
- Switch Log Monitoring
- Firewall Log Analyzer
- Cisco Logs Analyzer
- VPN Log Analyzer
- IDS/IPS Log Monitoring
- Solaris Device Auditing
- Monitoring User Activity in Routers
- Monitoring Router Traffic
- Arista Switch Log Monitoring
- Firewall Traffic Monitoring
- Windows Firewall Auditing
- SonicWall Log Analyzer
- H3C Firewall Auditing
- Barracuda Device Auditing
- Palo Alto Networks Firewall Auditing
- Juniper Device Auditing
- Fortinet Device Auditing
- pfSense Firewall Log Analyzer
- NetScreen Log Analysis
- WatchGuard Traffic Monitoring
- Check Point Device Auditing
- Sophos Log Monitoring
- Huawei Device Monitoring
- HP Log Analysis
- F5 Logs Monitoring
- Fortinet Log Analyzer
- Endpoint Log Management
- System and User Monitoring Reports
-
Log Management
- Product Resources
- Related Products
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- DataSecurity Plus File server auditing & data discovery
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- RecoveryManager Plus Enterprise backup and recovery tool
- SharePoint Manager Plus SharePoint Reporting and Auditing
- AD360 Integrated Identity & Access Management
- AD Free Tools Active Directory FREE Tools
The importance of application log management
Applications are responsible for the bulk of end-user activity in an organization, ranging from simple day-to-day tasks to complex business operations. In short, applications run businesses, and critical business applications, such as file servers, database servers, and mail servers, require constant monitoring to ensure a timely response to threats. For instance, web server logs can provide valuable insights on the web traffic of the network. A sudden flurry of SYN requests from few IP addresses might indicate a denial-of-service attack being executed against the organization.
Application logs record all related activities to give you critical insights on what is going on in your organization.
Application log analytics
Application log analytics refers to the process of searching, analyzing, and interpreting the log data collected from different applications. This process helps to monitor the application's functionality and troubleshoot errors. Apart from operational assistance, application log analysis also helps ensure overall network security by detecting suspicious activities in the application platform, spotting security threats, and mitigating attacks in their early stage.
EventLog Analyzer: A centralized application log management tool
ManageEngine EventLog Analyzer delivers the ability to collect and parse information from multiple application logging systems in near real time. Some of the supported application log types are:
- Apache access logs
- DHCP Linux logs
- DHCP Windows logs
- IBM Maximo logs
- IIS W3C FTP logs
- IIS W3C Web Server logs
- MSSQL Server logs
- MySQL logs
Automated and centralized log management gives you the power to make sense of millions of standalone application events. EventLog Analyzer is the most comprehensive package for managing your application logs, allowing you to customize, schedule, and distribute reports. It also delivers instant alerts and a powerful log search capability.
Manage database application logs
EventLog Analyzer provides predefined reports and alerts for two of the most widely used database servers, Microsoft SQL Server and Oracle Database.
The solution enables you to:
- Analyze server activity with information on various database objects as well as administrator logons and logoffs.
- Sift through data definition language and data manipulation language transactions to understand usage patterns.
- Identify database attack attempts using security reports so you can take steps to protect your business-critical data.
Audit web server activity
EventLog Analyzer provides predefined reports for Microsoft IIS and Apache web servers.
With EventLog Analyzer you can:
- Analyze web server usage information with reports that identify your top visitors, accessed pages, methods of access, and more.
- Improve server performance with error reports that help you recognize errors occurring in your server.
- Inspect the various attack attempts on your web servers to discover points that are vulnerable to external intruders.
Review DHCP server performance
EventLog Analyzer analyzes the Dynamic Host Configuration Protocol (DHCP) application server logs, both Linux and Windows, and generates reports on the various stages of the DHCP process, complete with information on the IP and MAC addresses involved. These reports help you identify any issues or anomalies in the process and maintain the performance of your DHCP servers.
Manage other application server logs
EventLog Analyzer also provides out-of-the-box support for print servers and Microsoft terminal servers. You can audit print server logs to prevent data theft, and keep resource use in check. It also allows you to keep an eye on terminal server logs to monitor remote connections to your network.
Custom application log parser
EventLog Analyzer's powerful custom log parser enables log collection from any source, including your custom in-house applications. You can also:
- Create custom (new) fields or extract fields from raw logs by using the interactive Field Extraction UI.
- Easily define patterns to identify and extract custom fields.
EventLog Analyzer instantly generates a report once you import custom logs.
It supports everything from analysis of historical application log data to instant notifications for new events. With simple and easy-to-interpret reports, EventLog Analyzer enables you to monitor your organization's network and gain insights into all of your applications.
Other features
Syslog management
Collect and analyze Syslog data from routers, switches, firewalls, IDS/IPS, Linux/Unix servers, and more. Get in-depth reports for every security event. Receive real-time alerts for anomalies and breaches.
Windows event log monitoring
Analyze event log data to detect security events such as file/folder changes, registry changes, and more. Study DDoS, Flood, Syn, and Spoof attacks in detail with predefined reports.
IT compliance management
Comply with the stringent requirements of regulatory mandates viz., PCI DSS, FISMA, HIPAA, and more with predefined reports & alerts. Customize existing reports or build new reports to meet internal security needs.
Active Directory Log Monitoring
Monitor all types of log data from Active Directory infrastructure. Track failure incidents in real-time and build custom reports to monitor specific Active Directory events of your interest.
Privileged user monitoring
Monitor and track privileged user activities to meet PUMA requirements. Get out-of-the-box reports on critical activities such as logon failures, reason for logon failure, and more.
Print Server Management
Monitor and audit print server with detailed reports on documents printed, attempts to print documents without proper permission, failed print jobs and their causes, and more.
Need Features? Tell Us
If you want to see additional features implemented in EventLog Analyzer, we would love to hear. Click here to continue
