- Free Edition
- What's New?
- Key Highlights
- Suggested Reading
- All Capabilities
-
Log Management
- Event Log Management
- Syslog Management
- Log Collection
- Agent-less Log Collection
- Agent Based Log collection
- Windows Log Analysis
- Event Log Auditing
- Remote Log Management
- Cloud Log Management
- Security Log Management
- Server Log Management
- Linux Auditing and Reporting
- Auditing Syslog Devices
- Windows Registry Auditing
- Privileged User Activity Auditing More..
-
Application Log Management
- Application Log Monitoring
- Web Server Auditing
- Database Activity Monitoring
- Database Auditing
- IIS Log Analyzer
- Apache Log Analyzer
- SQL Database Auditing
- VMware Log Analyzer
- Hyper V Event Log Auditing
- MySQL Log Analyzer
- DHCP Server Auditing
- Oracle Database Auditing
- SQL Database Auditing
- IIS FTP Log Analyzer
- IIS Web Log Analyzer
- IIS Viewer
- IIS Log Parser
- Apache Log Viewer
- Apache Log Parser
- Oracle Database Auditing More..
-
IT Compliance Auditing
- ISO 27001 Compliance
- HIPAA Compliance
- PCI DSS Compliance
- SOX Compliance
- GDPR Compliance
- FISMA Compliance Audit
- GLBA Compliance Audit
- CCPA Compliance Audit
- Cyber Essentials Compliance Audit
- GPG Compliance Audit
- ISLP Compliance Audit
- FERPA Compliance Audit
- NERC Compliance Audit Reports
- PDPA Compliance Audit reports
- CMMC Compliance Audit
- Reports for New Regulatory Compliance
- Customizing Compliance Reports More..
-
Security Monitoring
- Threat Intelligence
- STIX/TAXII Feed Processor
- Threat Whitelisting
- Real-Time Event Correlation
- Log Forensics
- Incident Management System
- Automated Incident Response
- Linux File Integrity Monitoring
- Detecting Threats in Windows
- External Threat Mitigation
- Malwarebytes Threat Reports
- FireEye Threat Intelligence
- Application Log Management
- Security Information and Event Management (SIEM)
- Real-Time Event Alerts
- Privileged User Activity Auditing More..
-
Network Device Monitoring
- Network Device Monitoring
- Router Log Auditing
- Switch Log Monitoring
- Firewall Log Analyzer
- Cisco Logs Analyzer
- VPN Log Analyzer
- IDS/IPS Log Monitoring
- Solaris Device Auditing
- Monitoring User Activity in Routers
- Monitoring Router Traffic
- Arista Switch Log Monitoring
- Firewall Traffic Monitoring
- Windows Firewall Auditing
- SonicWall Log Analyzer
- H3C Firewall Auditing
- Barracuda Device Auditing
- Palo Alto Networks Firewall Auditing
- Juniper Device Auditing
- Fortinet Device Auditing
- pfSense Firewall Log Analyzer
- NetScreen Log Analysis
- WatchGuard Traffic Monitoring
- Check Point Device Auditing
- Sophos Log Monitoring
- Huawei Device Monitoring
- HP Log Analysis
- F5 Logs Monitoring
- Fortinet Log Analyzer More..
- Endpoint Log Management
- System and User Monitoring Reports
-
Log Management
- Product Resources
- Related Products
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- DataSecurity Plus File server auditing & data discovery
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- RecoveryManager Plus Enterprise backup and recovery tool
- SharePoint Manager Plus SharePoint Reporting and Auditing
- AD360 Integrated Identity & Access Management
- AD Free Tools Active Directory FREE Tools
In network security, it helps to have as many data points as possible; so, whenever you're assessing a log management tool, it's important to consider the number of log formats it supports.
EventLog Analyzer, in addition to being a comprehensive log management tool, has a robust selection of network security features. In order to ensure the complete security of your IT environment, the tool supports over 40 different log formats out-of-the-box, including logs from H3C firewalls and switches.
If your network has H3C network devices installed, you definitely need a log management tool that provides vivid descriptions of the transactions happening through the network devices. EventLog Analyzer gets this done by breaking the logs into smaller pieces and preparing reports from them.
The following are H3C reports from EventLog Analyzer that security administrators find particularly useful:
- Firewall allowed and denied connections. These reports provide an in-depth view of the connections going through a network. Anomalous activity can be identified from a spike in the number of connections denied from a particular account.
- Allowed firewall traffic reports: These reports offer a summary of the traffic that passed through the H3C firewalls in your network. To make analysis easier for security teams, there are trend reports and reports segregating traffic based on source and destination.
- Successful and failed logon reports. These reports are useful for monitoring logons, which are one of the first things looked at during forensic analysis. The failed logons report gives a full representation of malicious users trying to gain access to the network.
- Firewall rules management reports. As firewall rules determine which users get into the network, these rules need constant monitoring. These reports keep administrators up to speed on what's been happening with those rules.
- Firewall DHCP reports: These reports provide data such as the IP addresses allocated to devices, IP addresses with extended leases, and conflicting IP addresses.
- Firewall interface status reports: These reports represent the status of firewall interfaces. They provide lists of interfaces that are up or down.
- Firewall security reports: These reports summarize the data collected from web filters and antivirus software. Network administrators can gain useful security insights from these reports.
- Severity reports. These reports classify events based on their severity level, helping administrators prioritize and attend to events that have the potential to turn into catastrophe.
- System event reports. These reports give administrators information, such as device temperature, fan status, memory and CPU usage, power usage, and system reboots, which are necessary to monitor the well-being of devices.
- VPN logon reports: These reports give users a plethora of information on logons through virtual private networks (VPNs). There are separate sets of reports for successful and unsuccessful VPN logons.
