Windows Event Log Reports

Preventing Internal Data Loss

Prevent business sensitive data leaving your corporate walls with effective removable disk and print server auditing. Get to know which user accesses the USB device on what machine and when with exhaustive removable disk auditing reports.The top events report in removable disk auditing provides details about the top users/hosts that experience high rate of data transfer. Get to know

• When the USB device is plugged in
• Which files/folders are being copied to the USB device
• What files are being created on the removable disk
• From which machine the files are being copied and by whom

Print Server Auditing

With the print server auditing, get the detailed information on what documents are being printed by the users and who prints the document with insufficient privileges and more. Monitor your printer activity over a period of time with Trend reports from EventLog Analyzer.Get to know in real-time

• What documents are being printed
• Which documents are being printed with insufficient privileges
• Documents that are moved/resumed/paused/deleted from being printed

Database Auditing

Monitor database activities and privileged users database actions with detailed SQL and Oracle database auditing reports. It also provides you report for database server account management. Get to know when a role/users for database is created, deleted. The reports also provide you information on database credential changes and failed password changes.

Get your Oracle, SQL DDL and DML activities audited with EventLog Analyzer's out-of- the-box reports. EventLog Analyzer also provides the report for

• Database Server startup & shutdown
• Logon events and Failed logon events of Oracle & SQL Servers
• Database backup and restoration
• Created/dropped server roles
• Server audit specification creation/deletion and modification and more.

EventLog Analyzer also provides you with the reports for reasons for logon failures for your AS400 environment.

Server Infrastructure monitoring

Combat security threats and unauthorized access to critical data on your server by auditing activities on the server with EventLog Analyzer's reports. The solution helps you to monitor and audit the activities happening on Terminal Server, DHCP Windows/Linux Server, IIS FTP Server, IIS and Apache Web Servers.

• Audit Terminal Server Gateway, IIS FTP Server, IIS and Apache Webserver logons
• Get information on session duration, bytes transferred and received via the Terminal Server Gateway
• Get to know the Top users, clients and resources who participate in Terminal Server communication
• Audit FTP Server operations such as File uploads, downloads, deletions, Password changes, and more
• Get to know the details such as Bad requests, request time out, and more occurred on Apache and IIS web servers with the Error Reports.

EventLog Analyzer also provides out-of-the-box reports that help you to monitor DNS and AD DNS Servers. Get ready to run reports for activities such as

• DNS Server Errors from Active Directory
• Failed DNS Server DS Record Loads
• Failed DNS Server Zone Transfer
• Refused DNS Server Zone Transfer and more

System Auditing

Monitor and get reports for activities happening at Windows workstations, IBM AS400 system, Network devices such as routers, firewall, and switches.

• Track Windows processes and registry changes
• Get to know the details of successful and failed windows back and restores
• Get details on router traffic, configurations, accepted connections and more
• Track AS400 system events. Get to know when a
  
  • User profile changes
  • Object is deleted
  • Job is changed
  • Ownership is changed and more

EventLog Analyzer also provides the reports that help to check the status of Applications running in your environment. It provides detailed reports on Application crashes that help in identifying the cause of the crash and thus reduces the troubleshooting cycle. Get to know the

• Application errors
• When does your application hang and why
• Occurrence of Blue Screen of Death (BSoD) and more

User Account Management

EventLog Analyzer's user account management reports help you to track and audit all the user management actions. With these reports get to know who created a suspicious privileged account, misusing their privileged rights to modify the user account passwords and more.

EventLog Analyzer provides real-time reports for user management actions such as

• User account creation/deletion/modification
• User account password changes & resets
• Failed password changes & resets
• User account lockouts
• Unlocked user accounts
• User account's expiry changes
• User account's logon workstation changes

System Account Management

Track the computer account management and group management and prevent internal security threats with EventLog Analyzer's account management reports. These automated reports not only help you to audit your active directory at regular intervals but also allows you to review your account management policies thus preventing the data loss due to internal security breach. The reports provide detailed information on

• Security Group/Distribution Group life cycle
• Members added/removed from the Security Group & Distribution group
• Computer account life cycle
• Network devices account management and more

Change Management

Track and audit your group policy and OU changes with out-of-the-box reports of EventLog Analyzer. Prevent the internal security threats at the earliest by detecting privilege access misuse. Get to know who changed the group policy settings or who created an unauthorized OU/ User account with EventLog Analyzer's Change Management reports. With these reports, get to know

• When a user right assigned/removed and by whom
• When, where and who created/deleted/modified OU and GPOs
• Audit policy (SACL) on Object Changes
• Authentication policy changes
• Domain policy changes and more.

EventLog Analyzer also provides reports that give detailed information on registry changes such as when was a registry created/deleted/modified/ accessed, failed registry creation/modification/deletion and more.

Identify and Analyze security threats

Analyze attack patterns and mitigate future security attacks by constantly monitoring the state of your network perimeter devices for threat indicators. With the detailed attack reports of EventLog Analyzer perform forensic analysis on security attacks which help in sealing the security loopholes in your network. EventLog Analyzer provides reports on

EventLog Analyzer provides real-time reports for user management actions such as

• Dos Attacks
• Downgrade Attacks
• Replay Attacks
• Terminal Server Attacks
• DoS Attack Entered in defensive mode
• Subsided Dos Attacks and more

Mitigating Firewall Threats

Identify attack attempts on your firewall device with EventLog Analyzer's Firewall Threat reports.These reports provide exhaustive information such as The solution provides detailed reports for

• Spoof Attack
• Internet Protocol half-scan Attack
• Flood Attack
• Ping of death Attack
• SYN Attack

Prevent Database Security Threats

Get the complete trail of your Database attacks with EventLog Analyzer's database security reports. These reports provide complete information on database attacks such as

• SQL Server/Oracle SQL Injection events
• SQL Server/Oracle Denial of Service

EventLog Analyzer also helps in proactively mitigating database security threats by providing detailed information on initial stages of attack attempts. It provides the reports for Oracle/SQL Server Account lockouts and Privilege abuse which help in mitigating the threat at the earliest.

Track unauthorized applications running in your environment

Limit the security attacks at your network by preventing the use of unauthorized applications. Enable and monitor application whitelisting and thereby allow only specific set of applications to run in your environment. Quickly view the applications that are allowed/denied to run in your environment with EventLog Analyzer's application whitelisting reports. These reports allow you to constantly monitor and revise your application whitelisting policies thus helping you to perform daily definition updates with an ease. With these reports, get to know detailed information such as

• Applications that are allowed/not allowed to run
• Applications that are not allowed to run due to enforced rules
• Software that are restricted to access programs and more

Monitor who gets accessed to your business confidential data in real-time with EventLog Analyzer's File Integrity Monitoring reports. EventLog Analyzer also provides top- level
reports based on users/hosts/file type for the critical file operations.These reports provide information on critical file operations such as

EventLog Analyzer provides real-time reports for user management actions such as

• File/folder deletion
• Confidential data modification
• File creation
• Access to critical data
• File permission changes
• Failed file creation, modification, deletion and more