Organizations today face highly sophisticated security attacks on their networks. Endpoints are now major targets, as it's easy to bring an entire network down by infecting just one endpoint device.
With ransomware and zero-day attacks trending upward, many organizations have turned to endpoint security solutions to maintain the confidentiality, integrity, and availability of their endpoint assets.
Security auditing for Symantec Endpoint Protection using EventLog Analyzer
Symantec Endpoint Protection helps stop zero-day exploits and malware, including an assortment of viruses, worms, Trojans, spyware, bots, adware, and rootkits. Collecting and processing logs from Symantec Endpoint Protection helps organizations gain better insights and improve their security posture.
Additionally, EventLog Analyzer collects and analyzes log data from the Symantec DLP application to ensure the integrity of confidential business information. The parsed logs from Symantec Endpoint Protection and Symantec DLP can provide comprehensive reports on the following aspects.
- Logon activity: View the list of all the successful logons to the device, including the hosts and users with the highest number of logons as well as the overall trend in logon patterns.
- Failed logons: See all failed logon attempts to the device, the hosts and users with the highest number of failed logons, and the trend in failed logon patterns.
- User account management: Discover all admin accounts that have been added, deleted, or modified.
- Policy changes: View the list of changes made to a Symantec Endpoint Protection device.
- Risks: Examine an overview of the risks that have been identified by Symantec Endpoint Protection.
- Viruses: See which devices are infected with viruses and other security risks, including spyware, adware, and other files that can put a computer or network at risk.
- Port scans: View the list of all port scan detections, which occur when packets are blocked on ports within a short amount of time.
- Commercial applications: See the list of all the devices on which commercial applications have been installed and are running.
- Threats: Examine the list of all unknown threats, such as Trojan horses, worms, or keyloggers found during threat scanning.
- HIPS activity: View the list of attacks detected by the intrusion prevention system of Symantec Endpoint Protection.
- Data Loss Prevention: Get actionable insights on top senders, recipients, protocol used, target data, and data owners.
Antivirus software supported by EventLog Analyzer
- McAfee
- Symantec Endpoint Protection
- ESET Antivirus
- Kaspersky Antivirus
- Microsoft Antimalware
- Norton Antivirus
- Sophos Antivirus