- Free Edition
- What's New?
- Quick Links
- Log Management
- Application Log Management
- Application log monitoring
- IIS log analyzer
- IIS web log analyzer
- IIS FTP log analyzer
- IIS log parser
- VMware log analyzer
- Hyper V event log auditing
- SQL database auditing
- SQL server auditing
- MySQL log analyzer
- Apache log analyzer
- DHCP server auditing
- Database activity monitoring
- Database auditing
- Oracle database auditing More..
- IT Compliance Auditing
- IT Compliance Auditing
- SOX Compliance Audit
- GDPR Compliance Audit
- ISO 27001 Compliance Audit
- HIPAA Compliance Audit
- PCI Compliance Audit
- FISMA Compliance Audit
- GLBA Compliance Audit
- GPG Compliance Audit
- ISLP Compliance Audit
- FERPA Compliance Audit
- CCPA Compliance Reports
- CCPA Compliance Software
- NERC Compliance Audit Reports
- Cyber Essentials Compliance Reports
- Reports for New Regulatory Compliance
- Customizing Compliance Reports
- PDPA compliance audit reports
- CMMC Compliance Audit More..
- SIEM
- Security Information and Event Management (SIEM)
- Threat Intelligence
- STIX/TAXII feed processor
- Server Log Management
- Event Log Monitoring
- File Integrity Monitoring
- Linux File Integrity Monitoring
- Threat Whitelisting
- Advanced Threat Analytics
- Security Log Management
- Log Forensics
- Incident Management System
- Application log management
- Real-Time Event Correlation
- Detecting Threats in Windows
- External Threat Mitigation
- Malwarebytes Threat Reports
- FireEye Threat Intelligence
- Linux Log Analyzer More..
- Network Device Monitoring
- Network Device Monitoring
- Router Log Auditing
- Cisco Logs Analyzer
- VPN log analyzer
- IDS/IPS log monitoring
- Solaris Device Auditing
- Monitoring user activity in routers
- Monitoring Router Traffic
- Switch Log Monitoring
- Arista Switch Log Monitoring
- Firewall Log Analyzer
- Firewall Traffic Monitoring
- Windows Firewall Auditing
- SonicWall Log Analyzer
- H3C Firewall Auditing
- Barracuda Device Auditing
- Palo Alto Networks Firewall Auditing
- Juniper Device Auditing
- Fortinet Device Auditing
- pfSense Firewall Log Analyzer
- NetScreen Log Analysis
- WatchGuard Traffic Monitoring
- Check Point Device Auditing
- Sophos Log Monitoring
- Huawei Device Monitoring
- HP Log Analysis
- F5 Logs Monitoring
- Fortinet log analyzer More..
- Endpoint Log Management
- System and User Monitoring Reports
- More Features
- Resources
- Product Info
- Related Products
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- ADSelfService Plus Identity security with MFA, SSO, and SSPR
- DataSecurity Plus File server auditing & data discovery
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- RecoveryManager Plus Enterprise backup and recovery tool
- SharePoint Manager Plus SharePoint Reporting and Auditing
- AD360 Integrated Identity & Access Management
- AD Free Tools Active Directory FREE Tools
Vulnerability scanners have become an integral part of network security. The widespread availability of free vulnerability scanning software, such as OpenVAS, has made them even more popular. Vulnerability scanner logs, which are repositories of security information, can be channeled into a log management tool that will correlate them with logs from other sources in the network.
Analyzing OpenVAS log data with EventLog Analyzer
EventLog Analyzer is a comprehensive log management tool that supports over 40 log formats out of the box, including logs generated by OpenVAS. After collecting logs from OpenVAS, EventLog Analyzer passes the logs through its parsing engine, where they'll be broken down into values that can be mapped to appropriate fields. To make this data more understandable, EventLog Analyzer builds reports which present you with actionable data.
The following are a few datapoints you can get from OpenVAS logs processed by EventLog Analyzer:
- Threat classification reports: Classifies all the vulnerabilities in your network based on their severity level. You'll be presented with separate reports for each level of severity such as high, medium, and low. This helps you identify which vulnerabilities you need to devote attention to, and which ones aren't as threatening yet.
- Common vulnerability scoring system (CVSS)-based reports: Presents the number of vulnerabilities found in each CVSS category. CVSS is an industry standard for assessing the severity of computer system security vulnerabilities. This report will give you an idea of the number of vulnerabilities in your network that require remediation.
- Top vulnerabilities report: Shows the types of vulnerabilities that are most commonly found in your network. This helps you assess your network and group vulnerabilities that share a common cause.
EventLog Analyzer's correlation engine
As the reporting module accesses broken-down log data, that log data is also simultaneously fed into EventLog Analyzer's correlation engine. The correlation engine compares the values extracted from OpenVAS logs with similar ones from other log sources to check if they match any of the correlation rules. If the criteria for a correlation rule is satisfied, corresponding alerts are triggered.
