WhatsUp Event Analyst®
Automated Event Log Filtering, Correlation and Reporting
Your event logs are a treasure trove of information. If properly set up, they record every network event on your servers, devices and applications for you to use in a variety of situations. They can be critical to launching an immediate incident response when you face a network outage or a security threat. They present the means for you to prove compliance to regulatory requirements including Sarbanes Oxley, HIPAA, GLB, FISMA, PCI DSS, NISPOM, NERC CIP and others. However, you know that sifting through the volumes of logs from every possible network source is an unmanageable exercise. You need the tools to filter, correlate, export and report on event logs in a way that presents the right information to your team and your management.
After all, what you learn from your event log data is crucial to shaping your network security policies, user access management and data protection requirements. Only ongoing event log analysis gives you the assurance that they are indeed working as expected and you are in compliance with internal policies and regulatory requirements. You also need to be able to share the insights from your event log data with your management to get their buy-in and support their decision making. With all the things at stake, we take it that you wouldn’t want your network’s security policies to depend just on your own manual analysis of volumes of log data. And with the variety of equipment and applications and log formats, you need a powerful and flexible reporting system that is quick, simple and effective to use.
Ensuring Reliability and Accountability in Event Log Reporting
WhatsUp Event Analyst ® enables network professionals to easily filter through stores of log file data for specific event logs and then view, filter, export and report on those events of interest. The capability to efficiently search vast amounts of log data and report the findings is vital to the health of network security conscious businesses of any size. And with the ability to define, store, schedule and send automated reporting as needed – WhatsUp Event Analyst makes Event log reporting reliable, accountable and auditable.
With WhatsUp Event Analyst you can:
- Use specialized prepackaged reports for reporting on standard event log and compliance criteria
- Generate custom log data reports and charts on any filtered event entries
- Share reports in clear, printer friendly HTML formats with management and auditors
- Correlate and analyze across events and event descriptions across multiple log files at once
- View, filter, convert to/from, export and report on multiple types of log formats
- Easily index and report on WhatsUp Event Archiver and WhatsUp Event Alarm databases
- Use it standalone as a simple, powerful and cost-effective log reporting tool
Key Capabilities of the WhatsUp Event Analyst include:
Powerful and Intuitive Event Log Correlation and Analysis
WhatsUp Event Analyst is a powerful and intuitive tool for analyzing event log data, filtering log entries and examining log files. Its special "windowing" technology enables administrators to correlate different cross sections of event log records from multiple sources simultaneously without sacrificing speed. WhatsUp Event Analyst's highly intuitive interface allows network administrators to quickly sift through logs, jump to specific dates or rapidly scroll through them chronologically. It allows local storage of frequently sought after events and event filters, for easy access at any time. WhatsUp Event Analyst ships with many predefined filters that are of immediate use to almost every network administrator out of the box.
Support for Multiple Types of Event Log Formats
WhatsUp Event Analyst works with a wide-variety of event log data formats. It can view, filter, convert to/from and report on saved EVT and EVTX log files, comma-delimited text files and log information from active computers. Like other components of the WhatsUp family of Event Log Management solutions, it uses the patented and exclusive Log Refiner ™ Technology to report on both Windows EVT and EVTX log formats simultaneously. WhatsUp Event Analyst can also easily access and analyze WhatsUp Event Archiver and WhatsUp Event Alarm data stored in Microsoft Access, Microsoft SQL or Oracle databases.
Prepackaged and Custom Event Log Reporting
WhatsUp Event Analyst helps network professionals generate reports based on pre-designed modules or user-customized ones. Virtually any type of security event can have its key subfields parsed out, grouped, sorted and formatted inside WhatsUp Event Analyst's custom reporting engine. The clear and printer-friendly HTML and CSV reports prove invaluable for explaining network phenomena to managers and compliance officers, as well as providing security information to law enforcement agencies. WhatsUp Event Analyst aids compliance reporting through pre-built modules and with special capabilities like tracking of file and folder access and deletion – which is critical to many compliance efforts.
Automated Report Distribution Saves Time and Effort
WhatsUp Event Analyst prepackaged report modules can be scheduled using the WhatsUp Event Analyst Service. Scheduling a report is as easy as choosing a scheduled time and day, the source of the log records, a filter and an output folder. Reports may even be emailed automatically to a list of specified recipients.