EventLog Analyzer

ManageEngine EventLog Analyzer

EventLog Analyzer is an IT Compliance & Event Log Management Software for SIEM

Your organization's IT infrastructure generates a huge amount of logs every day, and these machine-generated logs contain vital information that can provide powerful insights and network security intelligence into user behavior, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, and more. However, analyzing these event logs and syslogs manually, without automated log analyzer tools, is both time-consuming and painful.

EventLog Analyzer provides the most cost-effective Security Information and Event Management (SIEM) software on the market. Using this log analyzer software, organizations can automate the entire process of managing terabytes of machine-generated logs by collecting, analyzing, searching, reporting, and archiving them from one central location. This event log analyzer software helps to mitigate internal threats, conduct log forensics analysis, monitor privileged users and comply with different regulatory bodies by intelligently analyzing your logs and instantly generating a variety of reports, such as user activity reports, regulatory compliance reports, historical trend reports, and more.

Which EventLog Analyzer Edition is suitable for you?

EventLog Analyzer is available in three editions addressing the requirements of small and medium businesses and large enterprises. Explore the editions and choose the one that suits your requirements.

What problems does it solve?

EventLog Analyzer helps monitor internal threats to the enterprise IT resources and tighten security policies in the enterprise. The event log analyzer software generates reports to comply with various regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Sarbanes-Oxley Act (SOX), and the Payment Card Industry Data Security Standards (PCI), and archives logs for the purpose of network/compliance auditing and forensic analysis. The event log analyzer software also reduces system downtime and increases network performance in the enterprise. It helps system administrators troubleshoot problems on hosts, selected applications, and the network. The event log management software helps organizations meet host-based Security Information Event Management (SIEM) objectives.

What features does it offer?

Centralized event log management, Compliance reporting, Automatic alerting, Historical trending, Security analysis, Host grouping, Pre-built event reports, Customizable report profiles, Report scheduling, Multiple report formats.


Centralized Log Collection

 
  • Agentless log collection (optional agents available)
  • Collects logs from heterogeneous sources (Windows systems, Unix/Linux systems, Applications, Databases, Routers, Switches and other Syslog devices) at a centralized location
 

Compliance Reports

 
  • Generate pre-defined/canned compliance reports for Event logs & Syslogs, to meet HIPAA, GLBA, PCI DSS, SOX, FISMA and more
  • Lets you create custom reports for new compliance regulations, so you can keep up with new regulatory acts as they come into force

Universal Log Parsing & Indexing

 
  • Decipher any log data regardless of the source and log format
  • Allows you to index any machine-generated logs (provided it is in human readable, non-encrypted format) by defining and extracting log fields of your choice using regular expression (regex) patterns
 
 
 

Log Search

 
  • Search for anything, not just a handful of pre-indexed fields, and quickly detect network anomalies - misconfigurations, viruses, user activities, system/application errors, etc.
  • Conduct a search using wild-cards, phrases and Boolean operators
  • Users can also conduct grouped searches and range searches.
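The two features above, regex-based field extraction into an index and a search over that index with wild-cards and Boolean operators, are illustrated by the following added example. It is not EventLog Analyzer's own code or query syntax; the log lines, field names and patterns are constructed for this example, and the query grammar (field=glob terms joined by AND, with NOT to negate) is an assumption made here to show the idea.

```python
import re
from fnmatch import fnmatchcase

# Constructed sample lines (not captured data): two Linux sshd syslog lines
# and one Windows Security event flattened to a single line.
SAMPLE_LOGS = [
    "Mar  9 10:15:02 web01 sshd[2233]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2",
    "Mar  9 10:15:09 web01 sshd[2233]: Accepted password for deploy from 198.51.100.4 port 40122 ssh2",
    "2024-03-09 10:16:44 DC01 EventID=4625 Account Name: jsmith Source Network Address: 203.0.113.7 Logon Type: 3",
]

# One named-group regex per source type, playing the role of a user-defined
# field definition. The field names are this example's own choice.
PATTERNS = {
    "sshd": re.compile(
        r"^(?P<timestamp>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
        r"(?P<result>Accepted|Failed) password for (?:invalid user )?(?P<user>\S+) "
        r"from (?P<src_ip>[\d.]+) port (?P<src_port>\d+)"
    ),
    "win_security": re.compile(
        r"^(?P<timestamp>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (?P<host>\S+) EventID=(?P<event_id>\d+) "
        r"Account Name: (?P<user>\S+) Source Network Address: (?P<src_ip>[\d.]+) Logon Type: (?P<logon_type>\d+)"
    ),
}


def parse_line(line):
    """Try each pattern in turn; return the extracted fields plus the raw line, or None."""
    for source, pattern in PATTERNS.items():
        m = pattern.match(line)
        if m:
            fields = m.groupdict()
            fields["source"] = source
            fields["raw"] = line
            return fields
    return None


def build_index(lines):
    """Parse every line; lines no pattern matches are kept as raw text so nothing is lost."""
    index = []
    for line in lines:
        fields = parse_line(line)
        if fields is None:
            fields = {"source": "unparsed", "raw": line}
        index.append(fields)
    return index


def match_term(record, term):
    """A term is either field=glob (wild-cards * and ?) or a bare phrase searched in the raw line."""
    if "=" in term:
        field, glob = term.split("=", 1)
        return fnmatchcase(str(record.get(field, "")), glob)
    return term.lower() in record["raw"].lower()


def search(index, query):
    """Boolean query: terms joined by ' AND ', a leading 'NOT ' negates a term.
    Example: 'src_ip=203.0.113.* AND NOT result=Accepted'"""
    clauses = [c.strip() for c in query.split(" AND ")]
    hits = []
    for record in index:
        keep = True
        for clause in clauses:
            negate = clause.upper().startswith("NOT ")
            term = clause[4:] if negate else clause
            if match_term(record, term) == negate:   # matched a NOT term, or missed a plain term
                keep = False
                break
        if keep:
            hits.append(record)
    return hits


if __name__ == "__main__":
    idx = build_index(SAMPLE_LOGS)
    for hit in search(idx, "src_ip=203.0.113.* AND NOT result=Accepted"):
        print(hit["source"], hit.get("user"), hit["raw"])
```

The query in the usage call finds every event from the 203.0.113.0/24 range that is not an accepted password, which returns both the sshd failure and the Windows 4625 event even though they came from different formats; that cross-source view is the point of normalising fields at index time rather than grepping raw text.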
   
 

Privileged User Monitoring

 
  • Collects and analyzes all events on privileged user activities
  • Get precise information about user access, such as which user performed the action, what the result of the action was, on which server it happened, and track down the user workstation from which the action was triggered
 

Log Forensics

 
  • Drill down to raw log events and do a root cause analysis within minutes, drastically reducing the time-to-remediate
  • Generate network forensic reports such as user activity reports, system audit reports, regulatory compliance reports, etc.
  • Pinpoint the exact log entry that caused the security activity in minutes
   
 

Real-time Alerting

 
  • Automatic alerting allows you to receive real-time alert notifications directly via email, SMS or program execution
  • Set alerts for specific types of compliance violation under HIPAA, GLBA, PCI-DSS, SOX, FISMA, etc., such as failed logon attempts, policy changes, account changes, and audit logs being cleared
 

Log Archive

 
  • Automatically archives all machine generated logs, system logs, device logs & application logs to a centralized repository
  • Encrypts the event log archive files to ensure the log data is secured for future forensic analysis, compliance and internal audits.
  • Archived log data is hashed & time-stamped to make it tamper-proof
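The hashing and time-stamping described above is what lets an auditor prove an archive has not been altered since it was written. The following added example (not EventLog Analyzer's code or on-disk format) shows one way to do it: each archive file gets a SHA-256 digest and an archival time recorded in a manifest, and the manifest entry is sealed with an HMAC under a key kept outside the archive store. The HMAC seal is this example's own design choice, added so that someone who can rewrite the archive cannot simply recompute the manifest to match; the key and log lines are constructed placeholders.

```python
import hashlib
import hmac
import os
import tempfile
import time

# Constructed sample log lines for the archive (not real data).
SAMPLE_ARCHIVE_LINES = [
    "2024-03-09T10:15:02Z web01 sshd: Failed password for admin from 203.0.113.7",
    "2024-03-09T10:15:09Z web01 sshd: Accepted password for deploy from 198.51.100.4",
]


def sha256_file(path):
    """Stream the file through SHA-256 so large archives need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def seal_archive(path, key, now=None):
    """Record the archive's digest and archival time, and seal both with an HMAC.
    `key` must live outside the archive store (e.g. with the auditing team)."""
    archived_at = int(time.time()) if now is None else now
    digest = sha256_file(path)
    payload = f"{os.path.basename(path)}|{digest}|{archived_at}".encode()
    return {
        "file": os.path.basename(path),
        "sha256": digest,
        "archived_at": archived_at,
        "seal": hmac.new(key, payload, hashlib.sha256).hexdigest(),
    }


def verify_archive(path, manifest, key):
    """Return (ok, reason). The manifest seal is checked before the file hash, so an
    edited manifest is reported as such rather than as a content change."""
    payload = f"{manifest['file']}|{manifest['sha256']}|{manifest['archived_at']}".encode()
    expected_seal = hmac.new(key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_seal, manifest["seal"]):
        return False, "manifest seal mismatch (manifest edited or wrong key)"
    if sha256_file(path) != manifest["sha256"]:
        return False, "archive content changed since it was sealed"
    return True, "archive intact"


def demo():
    """Seal a constructed archive, then show that both a content edit and a
    manifest edit are detected. Returns the three verification outcomes."""
    key = b"placeholder-key-kept-outside-the-archive-store"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "web01-2024-03-09.log")
        with open(path, "w") as f:
            f.write("\n".join(SAMPLE_ARCHIVE_LINES) + "\n")
        manifest = seal_archive(path, key, now=1709978400)
        intact = verify_archive(path, manifest, key)

        # Simulated tampering: quietly drop the failed-login line.
        with open(path, "w") as f:
            f.write(SAMPLE_ARCHIVE_LINES[1] + "\n")
        content_changed = verify_archive(path, manifest, key)

        # Simulated cover-up: rewrite the manifest digest to match the altered file.
        forged = dict(manifest, sha256=sha256_file(path))
        manifest_forged = verify_archive(path, forged, key)
    return intact[0], content_changed[0], manifest_forged[0]


if __name__ == "__main__":
    print(demo())
```

Running the block prints `(True, False, False)`: the untouched archive verifies, the edited archive fails on its digest, and the forged manifest fails on its seal. In a deployment the timestamp would normally come from a trusted time source or timestamping authority rather than the local clock, since the archival time is part of what the seal vouches for.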
   
 

Internal Threat Monitoring

 
  • Analyzes security events and identifies unauthorized and failed logins, and rogue user(s) in real-time
  • Set alerts for suspicious hosts, and monitor events exclusively to find out who is responsible for them
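The failed-logon alerting described under Real-time Alerting and the unauthorized-login detection described here both come down to counting failures per source inside a time window. The following added example (not EventLog Analyzer's code or its alert rule format) shows that logic over a constructed list of already-parsed logon events; the thresholds, field names and the "success after a burst of failures" rule are this example's own choices.

```python
from collections import defaultdict, deque

# Constructed, already-parsed logon events: (epoch seconds, user, source IP, outcome).
SAMPLE_EVENTS = [
    (1709978400, "admin",  "203.0.113.7",  "failure"),
    (1709978405, "admin",  "203.0.113.7",  "failure"),
    (1709978411, "root",   "203.0.113.7",  "failure"),
    (1709978418, "jsmith", "203.0.113.7",  "failure"),
    (1709978423, "jsmith", "203.0.113.7",  "failure"),
    (1709978440, "jsmith", "203.0.113.7",  "success"),
    (1709978500, "deploy", "198.51.100.4", "success"),
    (1709982000, "deploy", "198.51.100.4", "failure"),
]


class FailedLogonMonitor:
    """Sliding-window counter of failed logons per source IP.

    Raises a 'brute_force' alert once `threshold` failures land inside `window`
    seconds, and a 'success_after_failures' alert when a success follows such a
    burst from the same source, which is the trace a guessed password leaves."""

    def __init__(self, threshold=5, window=60):
        self.threshold = threshold
        self.window = window
        self.failures = defaultdict(deque)   # src_ip -> timestamps of recent failures
        self.alerted = set()                 # sources already alerted, to avoid repeats

    def _prune(self, src_ip, now):
        """Drop failures older than the window; reset the alert flag once the burst is over."""
        q = self.failures[src_ip]
        while q and now - q[0] > self.window:
            q.popleft()
        if not q:
            self.alerted.discard(src_ip)

    def process(self, ts, user, src_ip, outcome):
        """Feed one event in time order; return the alerts it triggers (possibly none)."""
        alerts = []
        self._prune(src_ip, ts)
        q = self.failures[src_ip]
        if outcome == "failure":
            q.append(ts)
            if len(q) >= self.threshold and src_ip not in self.alerted:
                self.alerted.add(src_ip)
                alerts.append({"type": "brute_force", "src_ip": src_ip,
                               "count": len(q), "at": ts})
        elif outcome == "success" and len(q) >= self.threshold:
            alerts.append({"type": "success_after_failures", "src_ip": src_ip,
                           "user": user, "at": ts})
        return alerts


def run(events, threshold=5, window=60):
    """Replay a list of events through the monitor and collect every alert."""
    monitor = FailedLogonMonitor(threshold, window)
    alerts = []
    for event in events:
        alerts.extend(monitor.process(*event))
    return alerts


if __name__ == "__main__":
    for alert in run(SAMPLE_EVENTS):
        print(alert)
```

On the sample events the monitor raises one brute_force alert for 203.0.113.7 after its fifth failure in 23 seconds and then a success_after_failures alert when jsmith logs in from the same source shortly after; the lone deploy failure an hour later stays below the threshold and produces nothing. The second alert is the one worth routing to a person, since it is the point at which a failed-logon pattern has turned into an account to investigate.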
 

Schedule Reports

 
  • Pre-defined and custom reports can be scheduled to be generated at specified time intervals
  • Get reports in multiple formats, such as PDF and CSV, schedule them to run periodically, and even have them emailed to multiple administrators

 

What platforms and devices does it support?

EventLog Analyzer can collect and report on event logs from the following operating systems, devices, and applications: Windows NT/2000/XP/Vista/2003 & 2008 Servers, Linux - RedHat, Debian, UNIX - Solaris, HP-UX, IBM AS/400, Switches and Routers - Cisco and others, SNARE for Windows, MS IIS - Web server, MS IIS - FTP server, MS SQL server, Oracle database server, DHCP - Windows and DHCP - Linux.