Features | Free Edition * | Premium | Distributed |
---|---|---|---|
Multiple OS Support | |||
Monitored Device Support (Windows, Linux, Unix, AIX, Routers, Switches, VMware, Any Syslog device) | |||
Customizable dashboard widgets | |||
Log search using Boolean operators, phrases, value ranges, wildcards & grouped search | |||
FTP Active Mode support for log file import | |||
Import and Analyze Event files | |||
Auto Discovery of Hosts | |||
Filter Events before Storing in Database | |||
Compressed Archives | |||
Archive log files encryption | |||
Hashing and Time stamping of Archive log files | |||
Real-time Display of Events | |||
Automated Alerts | |||
Authorized Access | |||
Host Grouping for Policy Implementation | |||
Schedule Data Collection | |||
Custom Reports | |||
Scheduling Reports | |||
PUMA Reports | |||
Multiple Report Formats | |||
Multi-level Drilldown | |||
Trend Analysis | |||
Security Analysis | |||
Compliance Reports (EventLog & Syslog) (Predefined and Customization) | |||
Command Execution on Alerts | |||
SMS and SNMP Trap Notification for Alerts | |||
Internationalization Support to handle Native Logs | |||
Export/Import of Alert, Report, and Filter Profiles | |||
Advanced Search in Raw Logs, Save Result as Report Profile | |||
Scheduled import from local and remote (FTP/SFTP) machines | |||
Log collection during log collector down time | |||
Monitoring Users Accessing EventLog Analyzer Application | |||
File Integrity Monitoring | |||
Server specific reports | |||
Multi-geographical location monitoring | |||
Scalable architecture | |||
Log field extraction using an interactive regular expression (regex) syntax builder | |||
Universal log parsing and indexing (ULPI) to support any log format (Human Readable & non-encrypted log formats) | |||
Import users from Active Directory groups | |||
Agent for log collection across WAN/Firewalls | |||
Import of saved Syslog Files | |||
Re-branding Web Client | |||
Instant Reports | |||
Analyze Application specific Logs | |||
Support for MS SQL Server and MS SQL Cluster as Backend Database | |||
Custom View & User based Views | |||
Active Directory & RADIUS Server based Third Party User Authentication | |||
IBM AS/400 Logs Analysis (V5R series) Filter, Report, Alert, Archive & Import | |||
Real-Time Event Correlation | |||
Windows Terminal Server Log Monitoring | |||
User Session Monitoring | |||
Cloud Source Auditing |

Event Log Analyzer Service Offering | Standard Onboarding | Advanced Onboarding |
---|---|---|
Installation | ||
Device management | Windows Server - 10, WKS - 50, Supported Syslog Devices - 10 | |
Application management - IIS, MSSQL, Other Applications | Up to 1 each | Up to 3 each |
Technician management (role configuration) | ||
Log collection filter configuration | ||
Log retention policy settings | ||
Configuring Windows/Linux-based file monitoring basic configuration | Up to 10 | |
Tuning product administrative settings: 1. Email and SMS server configuration; 2. Configuring log collection failure alerts; 3. Log forwarding | ||
Historic EVT/EVTX file import | ||
Custom reports and alerts configuration (provided logs are available) | Up to 1 each | Up to 10 in total |
Reports, alerts, and compliance schedule creation | Up to 1 each | Up to 10 |
Rule-based correlation setup (based on the feasibility/available logs) | Up to 1 | Up to 5 |
Configuring managed servers* | ||
Compliance-specific reports configuration | Up to 1 | |
Dashboard customization | Up to 5 | |
Log import scheduling | Up to 5 | |
Custom log parser rule (creating additional fields) (subject to feasibility) | ||
Advanced Threat Analytics configuration** | ||
Incident management configuration | ||
SOAR workflow configuration | ||
External threat feed configuration | ||
Setting up Windows logging | ||
Security hardening & privacy: 1. SSL configuration; 2. Configuring TFA; 3. GDPR privacy configuration; 4. CAPTCHA | ||
Database migration (PGSQL to MSSQL) | ||
High availability configuration | ||
Restoration of an available backup | ||
Data migration (ES/archive) | ||
Agent deployment (agent-level registry changes will be performed) | ||
NAT configuration | ||
Expert consultation | ||
Comprehensive documentation | ||
User acceptance testing | ||
Integrated walkthrough | ||
Signing | ||
Post-implementation health check | ||
Supporting new log formats (subject to feasibility) | ||
Additional custom correlation rules configuration (based on the feasibility/available logs) | ||
Training (up to 4 participants) | Available as an add-on |