Published by Claudia Araya Villanueva. Modified over 6 years ago.
© 2011 ZOHO Corp. All Rights Reserved
ManageEngine® EventLog Analyzer 7
Collects, Analyzes, Reports and Archives on Applications, Systems and Device Logs for Internal Threat Management and Regulatory Compliance
© 2005 ZOHO Corp. All Rights Reserved
Preview
- What is Event Log / Syslog?
- Why Event Log Management?
- Introducing EventLog Analyzer
- Log Management Stages
- Product Brief
- Features & Benefits
- EventLog Analyzer Customers
- Demo
- Q & A
11/7/2018
What is Event Log / SysLog? (1/2)
Windows computers use this logging system (go to Start > Settings > Control Panel > Administrative Tools > Event Viewer).
Consists of:
- Security Log – related to security or rights events
- Application Log – related to non-OS events
- System Log – any other event, like startup messages, device errors, etc.
What is Event Log / SysLog? (2/2)
The logging system that Unix systems like Linux, Solaris, BSD, etc., use (go to /var/log/messages).
- All the activities of a system are logged as event log or Syslog.
- Both event log and Syslog are similar.
(From here on we will be using event log to collectively refer to Event Log and SysLog.)
Why Event Log Management?
- Security Information Event Management [SIEM] for IT Operations & Compliance Audit staff
- Regulatory compliance for PCI-DSS, HIPAA, FISMA, SOX, and GLBA acts
- Monitor and Audit Privileged User activities
- Ensures System Security and Policy enforcement
- Troubleshoots when things go wrong in the network
- Monitors systems for optimal performance
- Secured storage of Log data for internal and compliance audit
Introducing EventLog Analyzer (1/3)
EventLog Analyzer is:
- a Log Collecting and Analyzing software
- a Compliance Reporting tool for PCI-DSS, HIPAA, FISMA, SOX and GLBA regulatory acts
- an activity monitoring software
Introducing EventLog Analyzer (2/3)
EventLog Analyzer helps you to:
- Determine unauthorized user access attempts and other policy violations
- Assess and mitigate internal user threats
- Understand security risks in your network
- Identify trends in user activity, server activity, peak usage times, etc.
- Understand server and network activity in real-time
Introducing EventLog Analyzer (3/3)
- Zero-in on applications causing performance and security problems
- Monitor critical servers exclusively and set alerts
- Alert on hosts generating large amounts of log events indicating potential threats
- Identify applications and system hardware that may not be functioning optimally
- Do a root cause analysis of security incidents
EventLog Analyzer - Distributed Edition
- Higher Scalability
- Distributed Monitoring
EventLog Analyzer: Log Management Stages
- Stage 1, Collect: Collects event logs from Windows, Linux, UNIX - Solaris hosts, and Switches & Routers.
- Stage 2, Analyze: Analyzes the configured systems for unusual activities, non-compliant behavior etc., and raises alerts.
- Stage 3, Report: Instant or scheduled reports based on events, trends, and compliance behavior.
Product Brief
- Product scope: Supported Hosts include Windows, Unix (all flavors), devices like Routers, Switches, IBM AS/400 & any other syslog devices, & applications like IIS Web server, IIS FTP server, DHCP Linux, DHCP Windows, Oracle & MS SQL.
- Target Customers: IT Operations & Compliance Audit staff. MSPs and MSSPs.
- Data Collection: WMI/DCOM for Windows, Syslog for others. Auto discovery supported.
- Scalability: 600 (heterogeneous) Hosts/Applications per installation of ELA.
- Deployment Flexibility: Download, install and run on Windows 2000, XP, Vista, 7, Servers 2003 & 2008, Linux (all flavors). Both 32-bit & 64-bit CPUs are supported.
© 2007 ZOHO Corp. All Rights Reserved
Product Brief (continued)
- Incident management and workflow support: Event & Host-based Alerts & Reports can be scheduled and reports can be e-mailed (PDF, CSV, Zip).
- User Management: Administrator, Operator, & Guest user privileges. Import Active Directory & RADIUS users.
- Data Repository: Bundled MySQL database, support for MS SQL database, and archive data storage is compressed (.zip).
- Reporting: Pre-defined reports (includes compliance reports) & custom reports. Reports can be exported in PDF, HTML & CSV formats.
Features & Benefits (1/5)
- Comprehensive Event Collection – Collects security, application and system event log data from enterprise-wide Windows, UNIX systems, Routers, Switches, IBM AS/400, other Syslog devices & Applications. Normalizes and stores them all in a centralized event database. Analyzes native language logs with i18N support. Collects logs without an Agent, and optionally with an Agent.
- Pre-built Event Reports – Comprehensive reports include top reports on events generated across hosts, users, processes, and host groups, apart from top events by count.
- Compliance Reports – Generates pre-defined reports to meet PCI-DSS, HIPAA, FISMA, SOX and GLBA compliance requirements.
Features & Benefits (2/5)
- PUMA Reports – Internal privileged user monitoring and reporting to mitigate internal user threat.
- Instant Reports – Generate reports in real-time and get instant access into last events generated. View last ten events generated, for any host from which event logs are collected.
- Customizable Report Profiles – Build custom report profiles with event filters and report format options tailored to meet your specific needs. Build report profiles from advanced search results.
- Report Schedule and Distribution – Automatically generate reports at specified time intervals and get them delivered via e-mail.
- Multiple Report Formats – Generate and view reports in HTML, PDF and CSV formats.
Features & Benefits (3/5)
- Trending – View trend of events based on event severity and event type. Trend on alerts triggered is available.
- Real-time Alerting & Automatic Notification – Automatically notifies you of alerts on specific host criteria set by you. E-mail, SMS, & SNMP Traps.
- Security Analysis – Identify unauthorized and failed logins, and malicious user(s). Set alerts for suspicious hosts, and monitor events exclusively.
- Secured Log Archive – Can archive collected system logs for compliance audit, network audit, and forensic analysis. The archive log data is encrypted, hashed and time stamped to make it secured and tamper proof.
Features & Benefits (4/5)
- Log Import – Import Windows Event Logs (.evt format), Syslogs and generate Reports.
- Powerful Filters – Define event filter to specify criteria such as event type, severity, hosts, etc., in reports.
- Multi-level drill-down – Drill down from event reports to see specific event details about a host / host group or application.
- Advanced Search – Search any event (raw log) using advanced search. Save the result as report profile.
- Host Grouping – Group hosts together based on your business needs, generate event reports, and analyze trend patterns exclusively.
- Anytime, Anywhere Access & Management – Monitor hosts and generate reports from just a web browser.
- Rebranding – It allows client UI rebranding for the use of MSPs and MSSPs.
Features & Benefits (5/5)
- OS Support – Can be installed and run on Windows and Linux systems making it suitable for deployment in a wide range of enterprises. 32-bit and 64-bit CPUs supported.
- Host OS Support – Can collect logs from Windows & Linux systems. Can collect logs across platforms.
- Device Support – Can collect logs from (Cisco) Routers & Switches, IBM AS/400 and any syslog supporting devices.
- Application Support – MS IIS Web & FTP servers, DHCP Linux, DHCP Windows, VMWare, Oracle and MS SQL servers.
- Bundled Database – Integrated MySQL database configured to store all log data. No external database configuration required. MS SQL database is supported.
EventLog Analyzer - Editions
EventLog Analyzer is available in three editions:
- Professional
- Premium
- Distributed
The Premium Edition contains all the features of the Professional Edition plus the following features:
- Application Log Analysis
- Support for MS SQL server backend database
- Optional Agent based log collection
For the list of features available for the editions, visit:
EventLog Analyzer – Road Map
- Server specific reports - Server Audit, File Server, Printer
- File integrity monitoring
Customers Using EventLog Analyzer
Our customers include Accenture, Ricoh, NEC, Blue Cross, US Navy, Raytheon, Office of the Secretary of State of Washington, and many other global corporations & governments.
For the list of customers, visit:
Live Demo @ http://demo.eventloganalyzer.com/
Q & A
Thank You
For more information
Website: www.eventloganalyzer.com
Phone US:
Phone Intl: