View Cart  

EventLog Analyzer

ManageEngine EventLog analyzer is licensed based on the number of log sources (devices, applications, Windows servers, and workstations) added for monitoring.

Note: If you monitor an application and also the server in which the application is installed, then you will be licensed for 2 log sources.

ManageEngine EventLog Analyzer - Subscription Model

Number of Syslog Devices
(Linux/Unix, Firewalls, Routers, Switches, IDS/IPS, AS400)
Collectively specify the number of Linux/Unix devices, IBM AS400 systems, routers, switches, firewalls, IDS/IPS, and other syslog devices that you wish to audit.
Number of Windows Servers
Number of Windows Workstations
Application Auditing(IIS, MS SQL, etc.)
Collectively specify the number of applications from which you want to collect and analyze the logs. This could be your Oracle,MySql database, Apache, DHCP, Terminal Servers, and more.
Number of IIS Sites
Number of MS SQL Servers
Number of Other Applications
Linux File Server Auditing
This add-on helps auditing the Linux File Servers. Monitor file and folder changes through effective file integrity monitoring techniques.
Number of Linux File Servers
Windows File Server Auditing
This add-on helps auditing the Windows File Servers. Monitor the changes within systems effectively through effective file integrity monitoring techniques.
Number of Windows File Servers
Advanced Threat Analytics
This add-on helps to identify and assess threats posed by malicious URLs, IPs, and domains. It analyzes data from third-part threat feeds and assigns reputation scores to malicious sources, thereby helping you prioritize the response actions.
Cloud Source Auditing
Specify the number of AWS accounts that you wish to audit.
Number of AWS Accounts
Online Training (English language only) for 4 hours (upto 5 participants)
Total US$0
Compare Models Here's a more detailed breakdown of all the services included in both plans to help you decide:
Event Log Analyzer Service Offering Standard Onboarding Advanced Onboarding
Installation Tick Tick
Device management Windows Server - 10, WKS - 50, Supported Syslog Devices -10 Tick
Application management - IIS, MSSQL, Other Applications Up to 1 each Up to 3 each
Technician management (role configuration) Tick Tick
Log collection filter configuration Tick Tick
Log retention policy settings Tick Tick
Configuring Windows/Linux-based file monitoring basic configuration Tick Up to 10
Tuning product administrative settings
1. Email and SMS server configuration
2. Configuring log collection failure alerts
3. Log forwarding
Tick Tick
Historic EVT/EVTX file import Cross Tick
Custom reports and alerts configuration (provided logs are available) Up to 1 each Up to 10 in total
Reports, alerts, and compliance schedule creation Up to 1 each Up to 10
Rule-based correlation setup (based on the feasibility/available logs) Up to 1 Up to 5
Configuring managed servers* Cross Tick
Compliance-specific reports configuration Cross Up to 1
Dashboard customization Cross Up to 5
Log import scheduling Cross Up to 5
Custom log parser rule (creating additional fields) (subject to feasibility) Cross Tick
Advanced Threat Analytics configuration** Cross Tick
Incident management configuration Cross Tick
SOAR workflow configuration Cross Tick
External threat feed configuration Cross Tick
Setting up Windows logging Cross Tick
Security hardening & privacy
1. SSL configuration
2. Configuring TFA
3. GDPR privacy configuration
Cross Tick
Database migration (PGSQL to MSSQL) Cross Tick
High availability configuration Cross Tick
Restoration of an available backup Cross Tick
Data migration (ES/archive) Cross Tick
Agent deployment (agent-level registry changes will be performed) Cross Tick
NAT configuration Cross Tick
Expert consultation Cross Tick
Comprehensive documentation Cross Tick
User acceptance testing Cross Tick
Integrated walkthrough Cross Tick
Signing Cross Tick
Post-implementation health check Cross Tick
Supporting new log formats (subject to feasibility) Cross Tick
Additional custom correlation rules configuration (based on the feasibility/available logs) Cross Tick
Training (up to 4 participants) Available as an add-on Tick

* - only for distributed editions and MSSPs
** - if license is purchased

Note: The implementation of the above services are subject to fulfilment of client deliverables outlined in the scope of work (SOW).