Want to know more about Privileged User Threat? Refer to EventLog Analyzer.

Yes!

AdventNet ManageEngine is hosting Roadshows in countries across the European Union.

If security of your enterprise IT infrastructure is your concern, then you must visit ME Euro Roadshow 2008.

We are available in your town. Feel free to seek any information about EventLog Analyzer. Join us at the Roadshow in your country; register here.

For complete details about the Roadshow, visit the link: http://manageengine.adventnet.com/euroroadshow/

Do you need to worry? Maybe.

Startling revelations make you sit up and take note. Yes, the issue is the insider security threat to your enterprise network. You have to trust your staff, as they are part and parcel of your enterprise. After all, they are the ones running the show. The issue is a delicate one to tread. A recent article published in the Times of India newspaper, on the results of an IT security survey, reveals that 33% of IT people snoop on sensitive enterprise data and approximately 50% of the people accessed information not relevant to their roles. The abused confidential data ranges from board meeting minutes to salary details of colleagues. Privileged users, or any user who can get hold of privileged user credentials, have the chance to snoop on your enterprise data. The lack of a proactive security policy, or its non-implementation (for example, not changing the administrative passwords at regular intervals), makes things worse. It leads to information access even by your ex-employees.

Is it a wake up call? Yes.

Hence, it is time for you to take a fresh look at internal security. Be proactively secured. Devise a strong security policy and ensure it is fully implemented. Analyze the risk and mitigate it. You should also ensure that there is a mechanism in place to monitor the activities of the privileged users. The monitoring should not obstruct day-to-day activity, should not be obviously intrusive, and above all should be in real time. With this monitoring you will be able to assess the threat posed by various snooping activities. Then, you can employ appropriate means to mitigate the risk. You can formulate stricter security policies, restrict administrative user privileges to specific people, etc.

What is the way out? EventLog Analyzer.

ManageEngine EventLog Analyzer offers a comprehensive solution for privileged user monitoring.

The EventLog Analyzer application carries out real-time monitoring of user access to various enterprise resources. On occurrence of an event specified by you, an alert is triggered and you are notified by email or other means. It provides extensive reports and trends on user activities. There is much more: compliance reports, archiving and searching of logs for forensic analysis and troubleshooting, etc.

Try EventLog Analyzer today. Download from here.

The ManageEngine Booth at the Interop Las Vegas 2008 was abuzz with activity.

You can see one of the esteemed EventLog Analyzer customers visiting the booth. They were happy with the product and the level of support (definitely AdventNet’s forte) offered.

Our contact person VJ Karthik flanked by EventLog Analyzer customers.

Are you going to be at Interop Las Vegas 2008? EventLog Analyzer 5 will be showcased at booth number 2319. Feel free to drop in. For details about the product, contact Mr Karthik VJ. He will be there to help you.

Introductions first: my name is Karthik, and I am part of the EventLog Analyzer development team. I call myself ‘The Experimenter’ (ok, that is not as cool as the Terminator and its likes, but that’s me); I meddle with the application all day and try to make things better (hopefully ;)).

As you may be aware, ELA 5 has been released and is available for download here. It’s taken quite a long time to hatch, but I am sure it’s worth it. Grab a copy, try it out and email us what you think about it at our support id. We are all ears.

The two important features in ELA 5 (click here for complete feature list) that kept you folks waiting for such a long time were a. SQL Server database support and b. support for application log analysis. In this post I will be talking about the application log support offered by ELA. We often receive requests from users demanding provision for analyzing the different logs (other than syslogs and eventlogs) available out there (webserver logs and database logs, to name a few), and given that each of these applications follows a different logging format, we had one heck of a challenge ahead of us in designing a framework that would fit them all (I won’t say that ELA fits in everything, but what we have now is a big step towards it). Besides handling the different log formats, ELA has also been improved to help you find the proverbial needle in the haystack, by introducing better indexing and searching capabilities.

The question one might ask at this point is “Enuf said. What does it take to analyze the logs I have?” The answer: a couple of configuration files that tell ELA what your logs look like, what you want to index and what you want to see in the application. “So can anybody go out there and write these files?” may be your next question. Well, that’s a tricky one and I would have to say ‘No, not right now, you will need our help’, but I can assure you that we are working on making it as simple as possible.

The current release supports analysis of IIS web server logs, IIS FTP logs and SQL Server error logs. I am sure you will find the default reports offered quite useful; for example, in the case of IIS web server logs there are reports available which detail cross-site scripting attacks and SQL injection attempts. (While we are on the subject of analyzing web server logs, here is a must read for those of you trying to detect attacks on web applications from log files.) And if you feel the list of reports is inadequate or if your logs are not supported yet, please let us know. Like I said earlier, it’s just a matter of configuring a couple of files and voila!, your logs are there to be dug through.

So what are we up to next? For starters, we are planning on a short vacation break. We are also pondering on the list of features to take up next. If there is anything on your ELA wishlist that’s missing in the new release, please write to us, we will accommodate them if possible.

Till then, Ciao.

In an era of increased data security threats from both outside and inside your enterprise, you need to be proactive in your approach. The government, for its part, wants to ensure that enterprise IT operations are regulated for the sake of the data security of its citizens. To achieve this, the government or the competent statutory authority issues regulations that enterprise IT operations must comply with. By complying with the regulations, you are not only fulfilling the statutory requirements, you are also fortifying your enterprise’s security to a level acceptable to the external world.

Growing List of Compliance Regulations

One important point of concern is the growing number of compliance regulations issued by various statutory authorities. Already there are the Sarbanes-Oxley Act (SOX), Payment Card Industry (PCI), the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act (GLBA). Furthermore, there are California Senate Bill No. 1386, the Federal Information Security Management Act (FISMA), and SCADA security best practices. Each regulation outlines its own separate set of reports which need to be presented to the IT auditors. So how will small and medium enterprises, with their limited IT budgets, cope with the growing demands of regulatory compliance?

How to address the ensuing scenario

An ideal solution would be to have a customized set of reports for each compliance regulation available as a pre-built package. But customizing the set of reports is time consuming and involves software developers making development-time changes to the software application. This may not be desirable, as every time a new regulation is introduced you have to carry out the exercise again in order to comply. What you can look for is an application which gives you the flexibility to customize the available set of reports to make them ready for the new compliance regulation. Further, you may choose to fine-tune or prune the set of reports meant for an existing regulation. Furthermore, you may feel that it would be nice to have the reports generated periodically without your manual intervention.

A solution in sight

AdventNet ManageEngine, with its forethought, addresses the problems stated above. EventLog Analyzer 5 allows you to create a set of reports for a new compliance regulation. This value-added feature removes the burden of customizing the application every time you require reports for a new regulatory compliance. It takes no time and can be done by the System Administrator. Another feature of EventLog Analyzer 5 is customization of the set of reports for an existing compliance report. This is another value addition that ensures that you submit only the required reports: you can remove reports which are not required or add a new one which is required. You do not have to panic over minor changes in the regulations. What’s more, EventLog Analyzer 5 allows you to schedule compliance report generation automatically at periodic intervals. You can sit back and relax. EventLog Analyzer 5 comes packed with a lot more features. Get the details here.

Want to see it to believe it? Try EventLog Analyzer 5. You can download it from here. The full-functionality download is available free for a thirty-day trial.

With the September 2007 deadline for all businesses handling card holder information to subscribe to PCI DSS, we are seeing a strong demand for EventLog Analyzer.

View Sample PCI Audit Report

EventLog Analyzer provides specific compliance audit reports for PCI, SOX, HIPAA, and GLBA based on system log management.

AJ

We are happy to announce the availability of ManageEngine EventLog Analyzer Service Pack 3 (Build 4030).

To get the complete build (4030) follow the below URL.

http://manageengine.adventnet.com/products/eventlog/download.html

Customers using earlier builds of EventLog Analyzer, please download the Service Pack 3 from the below URL. Please follow the instructions before applying the service pack.

http://manageengine.adventnet.com/products/eventlog/service-packs.html

You can access the online user guide (help document) from the below URL

http://manageengine.adventnet.com/products/eventlog/help/index.html

Listed below are the feature enhancements, bug fixes and limitations of build 4030:

New Features and Enhancements

    > Support for collecting logs from customized event types.

    > Reports for PCI Compliance Audits.

    > Support for SNARE, syslog input from Windows hosts identified as Windows and not as Unix.

    > Alerts can be generated based on AND / OR criteria search for multiple strings in collected system log messages.

    > Custom reports can be created based on log message filters.

    > Support for running user provided custom scripts while an alert is generated.

    > Provision to find which users have deleted files and folders.

    > Option to add new Device Type icons from the UI.

    > ssh logins are now captured in User logon and logoff reports.

    > Facility to view the custom report configuration details has been provided.

    > Support for creating an alert profile for more than one host or a group.

    > Option to specify subject for the alert notification through mail.

    > Syslog viewer display to be shown dynamically as log messages come in to EventLog Analyzer.

    > Option to connect the WBEMTEST by running the invokeWBEMTEST.bat in <EventLog Analyzer Home>\troubleshooting directory.

    > Automatic hard disk space alert has been provided.

Bug Fixes

    > Only one event was shown in a single page of the PDF report.

    > In Loading archive files for the Linux host the source name was not shown.

    > Search in the complete view page did not show the appropriate count of the search result and could not be exported.

    > Logon/logoff events were not captured for Solaris hosts.

    > In the Compliance report, Individual User Action details were not shown.

    > Details of the process with special characters were not shown.

    > In Load & Search of archived files, message based search criteria did not produce any results.

    > If email authentication was given for the mail server, alerts were not mailed.

    > In global search, security based Event IDs alone were searched.

Known Issues

    > Windows Vista is not fully supported.

    > Username is not parsed correctly for some EventIDs of the SNARE logs.

    > In the user based reports, the service account is also shown along with the user account.

    > Directory structure (eg: C:\AdventNet) in the log for Windows machines is not shown correctly (eg: C:AdventNet).

For any assistance please write to support@eventloganalyzer.com

Thanks & Regards

AJ

EventLog Analyzer & Firewall Analyzer

We are happy to inform you that we are taking part in the upcoming RSA Conference 2007, to be held between Feb 5-9 at the Moscone Center, San Francisco.

Visit us at Booth #2147

Existing customers, please get in touch with support@eventloganalyzer.com before Feb 2nd, to get hold of a Free Pass for the Expo to be held between Feb 6-8.

See you at the show!

AJ