Windows Event Log Management

Comprehensive Windows Event Log Monitoring, Analysis, Reporting and Archiving Software

Windows event log management is an important need in almost all enterprises. EventLog Analyzer can collect, analyze, report on, and archive the event logs received from all the Windows systems in your network. Monitoring and analysis are the two main functions of Windows event log management. As part of Windows event log monitoring, EventLog Analyzer collects, normalizes, and aggregates Windows event logs. The Windows event log analyzer application then analyzes the logs, generates pre-built reports, regulatory compliance reports, and historical trend reports, and raises alerts for anomalous and specific Windows log events.

Windows event logs need to be archived for network auditing and, more recently, to comply with regulations such as HIPAA, GLBA, PCI-DSS, and Sarbanes-Oxley (SOX or SARBOX). Apart from this, system administrators treat event logs as a critical source for troubleshooting performance problems on hosts across the network. The need for a complete event log management solution is often underestimated, which leads to long hours spent sifting through tons of event logs to troubleshoot a single problem. Efficient event log analysis reduces system downtime, increases network performance, and helps tighten security policies in the enterprise.

EventLog Analyzer also supports logs received from other systems and devices that support syslog.

Windows event log monitoring is a prime function of EventLog Analyzer. The Windows event log monitoring software supports Windows logs of all versions: Windows 2000, Windows 2003, and Windows XP event logs. The event log manager software can also analyze Windows Vista event logs, which are in extended EVT format.

Some of the many Windows Event IDs and Windows Vista Event IDs recognized by EventLog Analyzer are listed below:


| Event ID | Windows Vista Event ID | Event Type | Description |
|---|---|---|---|
| 512, 513, 514, 515, 516, 518, 519, 520 | 4608, 4609, 4610, 4611, 4612, 4614, 4615, 4616 | System Events | Identifies local system processes such as system startup and shutdown and changes to the system time |
| | | Audit Logs Cleared | Identifies all audit log clearing events |
| 528, 540 | | Successful User Logons | Identifies all user logon events |
| 529, 530, 531, 532, 533, 534, 535, 536, 537, 539 | | Logon Failures | Identifies all failed user logon events |
| | | Successful User Logoffs | Identifies all user logoff events |
| 560, 562, 563, 564, 565, 566, 567, 568 | 4656, 4658, 4659, 4660, 4661, 4662, 4663, 4664 | Object Access | Identifies when a given object (file, directory, etc.) is accessed, the type of access (e.g. read, write, delete), whether the access succeeded or failed, and who performed the action |
| | | Audit Policy Changes | Identifies all changes made to the audit policy |
| 624, 625, 626, 627, 628, 629, 630, 642, 644 | 4720, 4722, 4723, 4724, 4725, 4726, 4738, 4740 | User Account Changes | Identifies all changes made to a user account, such as user account creation, deletion, password change, etc. |
| (631 to 641) and (643, 645 to 666) | 4727 to 4737, 4739 to 4762 | User Group Changes | Identifies all changes made to a user group, such as adding or removing a global or local group, adding or removing members from a global or local group, etc. |
| 672, 680 | 4768, 4776 | Successful User Account Validation | Identifies successful user account logon events, which are generated when a domain user account is authenticated on a domain controller |
| 675, 681 | 4771, 4777 | Failed User Account Validation | Identifies unsuccessful user account logon events, which are generated when a domain user account is authenticated on a domain controller |
| 682, 683 | 4778, 4779 | Host Session Status | Identifies session reconnection or disconnection |

Using EventLog Analyzer, you can archive or store these Windows event logs and also generate event log reports in real time. You get instant access to a wide variety of reports for events generated across hosts, users, processes, and host groups. You can also obtain pre-defined compliance reports to meet HIPAA, GLBA, PCI, and Sarbanes-Oxley audit requirements.

