UsMan's WoRkSpAce

Thursday, June 08, 2006

GFI LANguard Security Event Log Monitor


GFI LANguard Security Event Log Monitor is a Windows event log management tool. It collects event logs from remote computers, consolidates, analyzes and filters them, alerts the administrator based on the severity of the event and the security level of the computer, and provides an overview of the security situation by generating built-in and customized reports. It can help monitor modifications to important files, intrusion attempts, unauthorized logons, etc. It has three primary functions: collecting data, analyzing it and archiving it. No agent or client is required on remote computers. It supports collecting the system and application event logs in addition to the security log. It uses SMB over RPC and requires ports 139 and 445 to be open to the remote computer.

Implementation starts with selecting the computers to monitor and categorizing events based on time of occurrence and the security level of the computer. The tool then sends an alert for every critical event. Custom alerts can be created for other events.
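To make the categorization above concrete, here is an added example (not GFI's code or its actual rule set) that scores events by event ID, host security level and time of occurrence, and returns those that would trigger an alert. The severity table, host names and levels, working hours and sample events are all assumptions constructed for illustration; the event IDs use the Vista-and-later Security log numbering.

```python
from datetime import datetime

# Assumed base severity per Windows Security event ID.
BASE = {
    4624: 0,  # successful logon
    4625: 1,  # failed logon
    4663: 1,  # attempt to access an audited object (e.g. a file)
    1102: 2,  # security audit log cleared
}
HOST_ADJ = {"low": -1, "medium": 0, "high": 1}  # assumed host security levels
LABELS = ["low", "medium", "high", "critical"]


def off_hours(ts, start=8, end=18):
    """True on weekends or outside start..end (assumed working hours)."""
    return ts.weekday() >= 5 or not (start <= ts.hour < end)


def classify(event, hosts):
    """Combine event ID, host security level and time into one severity label."""
    base = BASE.get(event["id"], 0)
    score = base + HOST_ADJ[hosts.get(event["host"], "medium")]
    # Only events that are already suspicious are escalated for odd hours.
    if base >= 1 and off_hours(event["time"]):
        score += 1
    return LABELS[max(0, min(score, 3))]


def critical_events(events, hosts):
    """Events that would raise an alert under this scheme."""
    return [e for e in events if classify(e, hosts) == "critical"]


# Constructed inventory and sample events (hypothetical hosts).
HOSTS = {"DC01": "high", "FS02": "medium", "WS17": "low"}
EVENTS = [
    {"host": "DC01", "id": 4625, "time": datetime(2006, 6, 8, 2, 14)},
    {"host": "WS17", "id": 4625, "time": datetime(2006, 6, 8, 10, 30)},
    {"host": "FS02", "id": 4663, "time": datetime(2006, 6, 10, 14, 0)},
    {"host": "DC01", "id": 1102, "time": datetime(2006, 6, 8, 11, 0)},
]

if __name__ == "__main__":
    for e in EVENTS:
        print(e["host"], e["id"], e["time"].isoformat(), classify(e, HOSTS))
```

The same failed logon is critical on a high-security server at night and low on a workstation during the day, which is the point of weighting by host and time rather than by event ID alone.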

Apart from the Windows OS, events from IIS, Exchange, SQL Server and ISA Server can also be monitored.

LANguard generates alerts in real time using email and SMS (email-to-SMS).

It supports advanced filtering of events based on ID and content. The LANguard event viewer is a more advanced version of the Windows Event Viewer. It has a powerful filter with a condition builder that can drill down to specific users, computers and event types.

It supports SQL, MSDE and Access as the back-end database for archiving events.

It allows remote event log management tasks such as backing up and purging event logs.
