GFI EventsManager 7.1, 3 user ESM3 User Manual

Product code
ESM3
Network-wide event log management
Event logs are a valuable tool to monitor network security and performance that are often underutilized due to
their complexity and volume. As organizations grow in size, they require a more structured approach towards
event log management and retention. A recent survey carried out by SANS Institute found that 44% of system
administrators do not keep logs for more than a month.
Proper log management helps you to meet several objectives including:
· Information system and network security
· System health monitoring
· Legal and regulatory compliance
· Forensic investigations
GFI EventsManager collects data from all devices that use Windows event logs, W3C, and Syslog and applies
the best rules and filtering in the industry to identify key data. This allows you to track when staff swipe their fob,
pick up the phone to call home, turn on their PC, what they do on their PC and which files they access during
their work day. GFI EventsManager also provides you with real-time alerting when critical events arise and
suggests remedial action.

"Translates" cryptic Windows events
Cryptic logs make log analysis a lengthy process. GFI EventsManager “translates” the often cryptic event
descriptions to clear, concise explanations and suggestions for action.

Network-wide analysis of event logs made easy
As a network administrator, you have experienced the cryptic and voluminous logs that make log analysis a
daunting process. GFI EventsManager is a log processing solution that provides network-wide control and
management of Windows event logs, W3C logs, and Syslog events generated by your network sources.
GFI EventsManager includes an intelligent event processor which processes logs and presents information
in a centralized, easy and user-friendly fashion.

Centralized event logging
Event logs are constantly and automatically generated by a user or by an automatic/background process and
logs are often stored in disparate locations. GFI EventsManager stores all captured event logs into one SQL
database that may also reside remotely. You may also configure scheduled backups of your event logs.

Why use GFI EventsManager?
· Centralizes Syslog, W3C and Windows events generated by firewalls, servers, routers, switches,
phone systems, PCs and more
· Wizard assisted configuration simplifies end-user operation and maintenance
· Unrivaled event scanning performance scalable to over 6 million events per hour
· Preconfigured event processing rules for effective out-of-the-box event classification and management
· Automated 24/7 event activity monitoring and alerting
· Powerful reporting for effective network activity monitoring and immediate ROI.

High performance scanning engine
GFI EventsManager incorporates a totally re-designed event scanning engine that is fine-tuned for maximum
scanning performance. Tests demonstrate that it is able to scan and collect up to 6 million events/hr.
Furthermore, its plug-in based methodology allows additional features and modules to be integrated without
interfering with existing code.

Real-time alerts
GFI EventsManager can send you alerts when key events or intrusions are detected. You can trigger actions
such as scripts or send an alert to one or more people by email, network messages, and SMS notifications
sent through an email-to-SMS gateway or service.

Extended event log support
GFI EventsManager processes various event log types including Windows event logs, Syslog events, and W3C
event logs. This allows you to collect more data from the different hardware and software systems that are
most commonly available on a typical corporate network.