With the September 2007 deadline for all businesses handling card holder information to subscribe to PCI DSS, we are seeing a strong demand for EventLog Analyzer.
EventLog Analyzer provides specific compliance audit reports for PCI, SOX, HIPAA, and GLBA based on system log management.
AJ
We are happy to announce the availability of ManageEngine EventLog Analyzer Service Pack 3 (Build 4030).
To get the complete build (4030) follow the below URL.
http://manageengine.adventnet.com/products/eventlog/download.html
Customers using earlier builds of EventLog Analyzer, please download the Service Pack 3 from the below URL. Please follow the instructions before applying the service pack.
http://manageengine.adventnet.com/products/eventlog/service-packs.html
You can access the online user guide (help document) from the below URL
http://manageengine.adventnet.com/products/eventlog/help/index.html
Listed below are the feature enhancements, bug fixes and limitations of build 4030:
New Features and Enhancements
> Support for SNARE: syslog input from Windows hosts is now identified as Windows and not as Unix.
> Alerts can be generated based on AND / OR criteria search for multiple strings in collected system log messages.
> Custom reports can be created based on log message filters.
> Support for running user provided custom scripts while an alert is generated.
> Provision to find which users have deleted files and folders.
> Option to add new Device Type icons from the UI.
> ssh logins are now captured in User logon and logoff reports.
> Facility to view the custom report configuration details has been provided.
> Support for creating an alert profile for more than one host or a group.
> Option to specify subject for the alert notification through mail.
> Syslog viewer display to be shown dynamically as log messages come in to EventLog Analyzer.
> Option to connect the WBEMTEST by running the invokeWBEMTEST.bat in <EventLog Analyzer Home>\troubleshooting directory.
> Automatic hard disk space alert has been provided.
Bug Fixes
> Search in the complete view page did not show the appropriate count of the search result and could not be exported.
> Logon/logoff events were not captured for Solaris hosts.
> In the Compliance report, Individual User Action details were not shown.
> Details of the process with special characters were not shown.
> In Load & Search of archived files, message based search criteria did not produce any results.
> If email authentication was configured for the mail server, alerts were not mailed.
> In global search, only security-based Event IDs were searched.
Known Issues
> In the user-based reports, the service account is also shown along with the user account.
> Directory structure (e.g. C:\AdventNet) in the log for Windows machines is not shown correctly (e.g. C:AdventNet).
For any assistance please write to support@eventloganalyzer.com
Thanks & Regards
AJ
We are happy to inform you that we are taking part in the upcoming RSA Conference 2007, to be held between Feb 5-9 at the Moscone Center, San Francisco.
Visit us at Booth #2147
Existing customers, please get in touch with support@eventloganalyzer.com before Feb 2nd, to get hold of a Free Pass for the Expo to be held between Feb 6-8.
See you at the show!
AJ
ManageEngine EventLog Analyzer Service Pack 2 (Build 4020) has been released. With this release we have obliged the many customers who had asked us for a facility to import their already collected Windows event log files (in .evt format) and to analyze and report on them.
With this release we have enhanced the log forensic capabilities of EventLog Analyzer with enhanced reports for SOX Compliance and Cisco Devices.
Happy Logging!
Aloha,
AJ
Ponemon Institute surveyed 461 people who work in corporate IT departments in U.S. organizations, and the finding states: "Most insider-related data breaches go unreported."
| Quote: |
| Approximately 93% believe that the No. 1 barrier to addressing the data breach risk is the lack of sufficient resources, and 80% cited a lack of leadership. Another factor is that no one person has overall responsibility for managing insider threats, according to 31% of respondents. |
I would like to add: there is no "one-size-fits-all" kinda solution to the problem, knowing very well that most of the insider threats arise from human error.
You are only as strong as your weakest link. And in the case of Insider Threat, it could as well be employee negligence :wink:
Cheers
AJ
| Quote: |
| Great application. Will probably be purchasing next budget cycle. I started looking at your other applications and I am surprised at the depth. I am also going to review the Network Monitoring and Firewall Analyzer. |
to keep raising the bar on our product features and the support we provide to our customers. Thank You, and please keep sending your feedback (brickbats as well :wink: ).
Sayōnara
AJ
EventLog Analyzer is now listed in NetworkWorld IT Buyer's Guide for Security Event Management Products.
| Quote: |
| This Buyer's Guide comprises Security Event Management/Security Information Management products that collect, collate and report on the log information of a variety of security devices across an enterprise network. |
AJ
Bonjour,
Continuing our discussion on SIM through Compliance, you might be aware that EventLog Analyzer currently provides support for (SOX) SARBANES-OXLEY, (HIPAA) HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT and (GLBA) GRAMM-LEACH-BLILEY ACT, and now we are contemplating extending our compliance reporting initiative to include support for PCI DSS.
For the uninitiated, PCI DSS stands for Payment Card Industry Data Security Standard. PCI DSS requirements apply to all Members, merchants, and service providers that store, process or transmit cardholder data. Additionally, these security requirements apply to all "system components", which are defined as any network component, server, or application included in, or connected to, the cardholder data environment. Network components include, but are not limited to, firewalls, switches, routers, wireless access points, network appliances, and other security appliances. Servers include, but are not limited to, web, database, authentication, DNS, mail, proxy, and NTP. Applications include all purchased and custom applications, including internal and external (web) applications.
PCI forms the framework for VISA's CISP (Cardholder Information Security Program ) and MasterCard's SDP (Site Data Protection).
The PCI DSS has 12 basic requirements (with subsequent sub-requirements), which read as follows:
>> Build and Maintain a Secure Network
Requirement 1: Install and maintain a firewall configuration to protect data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
>> Protect Cardholder Data
Requirement 3: Protect stored data
Requirement 4: Encrypt transmission of cardholder data and sensitive information across public networks
>> Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications
>> Implement Strong Access Control Measures
Requirement 7: Restrict access to data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data
>> Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes.
>> Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security
Do let us know your requirements for PCI compliance support in EventLog Analyzer and we will surely look into your request.
Au revoir!
AJ
Welcome to EventLog Analyzer Blogs!
It gives me immense pleasure to welcome you to the EventLog Analyzer team's scribblings. This would be our way of having informal exchanges about everything under the sun, which would of course include discussions on EventLog Analyzer.
Here, you would get to meet the young team behind this product, discuss with them and have some mutually wonderful learning experience.
Thank You
AJ