GFI EventsManager | Event Log Management

GFI EventsManager®

Listen to your network - Complete log data analysis and IT management

Real-time and complete event log data management integrated with IT infrastructure and operations monitoring. Its unique approach to incident detection and remediation make it as efficient for security incidents as for network failures or service outages.

NEW! GFI EventsManager ā€“ now with active network and server monitoring!
GFI EventsManager will help you with:
  • Log data collection, analysis, interpretation and consolidation with SIEM capabilities
  • Active IT infrastructure and operations monitoring based on monitoring checks
  • Proactive network, server and security monitoring based on event log data.
  •  
    Use GFI EventsManager to:
  • Reduce costs with simplified, automated IT management
  • Increase productivity by cutting downtime and preventing outages
  • Boost security by monitoring security policies, activity across the network and identifying suspicious or potentially dangerous events;
  • Cover compliance needs with event log data consolidation and retention.
  •  
    Security information and event management ā€“ SIEM

    Protect against threats by detecting suspicious activity, monitoring security policies, security-related mechanisms (such as encryption, authentication and authorization), and applications (such as antivirus or firewall).

    Active IT Infrastructure and operations monitoring

    Actively detect IT issues using check-based and real-time monitoring of the availability, functionality, usage and performance of your entire network, from network devices, workstations and servers to applications, business, infrastructure services and network protocols.

    Proactive monitoring based on log data

    Get proactive in detecting problems before they occur and affect your business, simplify your IT management by having debug data from the assets that failed in the same console that sends the failure alert.

    Forensic investigation

    In case of litigation or security incidents, advanced filtering capabilities and drill-down log browsing enables advance forensic investigation of user and network activity.

    Event log data centralization and consolidation for compliance

    Prove accountability for the actions occurring in your IT environment by collecting, analyzing, normalizing and consolidating log data from across the network. Cover your event log data-related requirements of PCI DSS, HIPAA, SOX and more.

    Makes sense of event log data ā€“ operational intelligence

    Log data comes in high volumes and is cryptic by nature, but at the same time it contains loads of useful information about what is going on in your environment. GFI EventsManager interprets and translates log data, delivering operational intelligence and bringing visibility and insight into business operations.

    Compatibility

    Supports a wide range of log types such as Windows, syslog, text-based files, W3C, SNMP traps, XML, SQL Server and Oracle, etc., enabling monitoring of servers, workstations, network devices and applications.

    Scalable

    Can comfortably report on over 2 billion log entries with average server hardware. Even works in highly distributed and secure environments, where there is no persistent connection between sites.

    Free trial

    "GFI EventsManager strikes an efficient balance between conserving system resources and keeping you up-to-date with suspicious events throughout your network."

    Randy Franklin Smith, Ultimate Windows Security

    Four and a half starts out of five Supports Virtual Environments

    View this webcast to discover how GFI EventsManager provides active network and server monitoring to track the health and performance of your devices, monitors and manages your event logs automatically and centrally, helps you identify and remediate issues quicker than ever, while ensuring compliance, boosting your network security and delivering intelligence from your event logs.

    GFI EventsManager ships with a number of predefined processing rules. Event processing rules are a set of configurations that enable GFI EventsManager to capture and process specific events such as System Health events, Security events and more. Learn how to view event processing rules, customize predefined processing rules and apply rules to event sources.

    The need for effective event management

    Challenges, strategies and solutions to effective event management.

    This white paper shows where GFI EventsManager fits in this picture and how it is an invaluable asset in the corporate toolbox.

    Configure IBM iSeries event collection with audit and ESM

    Configuration of IBM iSeries event collection with Audit and GFI EventsManager

    This document explains how to configure and use GFI EventsManager to collect IBM iSeries (formerly AS/400) audit events through Audit, a software tool developed by Raz-Lee Security.

    How to perform network-wide security event log management

    Use GFI EventsManager for intrusion detection and essential auditing of security event logs.

    This white paper explains the need to monitor security event logs network-wide and how you can achieve this using GFI LanGuard S.E.L.M. (now GFI EventsManager). It is written by Randy Franklin Smith, author of the in-depth series on the Windows security log in Windows 2000 and .NET Magazine.

    SharePoint event collection

    How to configure SharePoint event collection with LOGbinder SP and GFI EventsManager

    This document explains how to configure and use GFI EventsManager to collect Microsoft SharePoint audit events which have been processed by LOGbinder SP in order to make the information more readable and manageable.

    System requirements: Hardware
    • Processor: 2.5 GHz dual core or higher
    • RAM: 3 GB
    • Hard disk: 10 GB of available space
    NOTE: Hard disk size depends on your environment, the size specified in the requirements is the minimum required to install and archive events.
     
    System requirements: Software
     
    Supported operating systems
    • Windows® Server 2012 - Foundation, Essentials, Standard or Datacenter
    • Windows® Server 2008 - Standard or Enterprise
    • Windows® Server 2008 R2 - Standard or Enterprise
    • Windows® Server 2003 SP2 - Standard or Enterprise
    • Windows® 8 - Standard, Professional or Enterprise
    • Windows® 7 - Enterprise, Professional or Ultimate
    • Windows® Vista SP1 - Enterprise, Business or Ultimate
    • Windows® XP Professional SP3
    • Windows® SBS 2008
    • Windows® SBS 2003
    Other components
    • .NET 4
    • Microsoft Data Access Components (MDAC) 2.8 or later
    • (Optional) A mail server (If email alerting is configured).
    Software requirements - Scanned machine(s)
    • For Microsoft Windows event log scanning: Remote registry service must be enabled and source folders must be accessible via Windows shares.
    • W3C log scanning: The source folders must be accessible via Windows shares.
    • Syslog and SNMP Traps: Sources/senders must be configured to send messages to the computer/IP address where GFI EventsManager is installed.
    • Microsoft Windows Vista or later scanning: GFI EventsManager must be installed on a system running Microsoft Windows Vista or later.