ManageEngine EventLog Analyser v8.6
April 01, 2014
Starting at £480 (includes annual maintenance and support, plus upgrades).
- Strengths: Easy installation and good documentation.
- Weaknesses: Behind the initial dashboard, large data blocks were hard to read.
- Verdict: This is a good entry-level SIEM.
EventLog Analyser retains log data generated by network systems, devices and applications in a centralised repository. It encrypts the log data to ensure it is secured for forensic analysis and compliance audits. The archived data is hashed and time-stamped to show evidence that the logs have not been tampered with. EventLog Analyser collects log data from agent and agentless data sources (typically syslog or WMI sources). By default, the tool uses a PostgreSQL database (users can choose other databases, such as MySQL or MS SQL, depending on their needs). The system also enables log import from a local/remote host through HTTP/HTTPS and FTP. The Universal Log Parsing and Indexing (ULPI) technology enables the import of logs irrespective of data source. The Real-Time Event Response function sends out instant alerts via email or SMS, or triggers a remediation script, based on correlation rules. The system also provides an option to build custom alerts. Normalised log data is accessed by the Report Builder, Integrated Compliance Management System and Real-Time Event Response system to trigger alerts.
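As an added illustration of the tamper-evidence idea described above (archived log blocks are hashed and time-stamped so later modification can be detected), here is a small Python example; it is not code from ManageEngine or the product, the log lines are constructed, and chaining each block's seal to the previous one is an assumption that goes beyond the page so that a deleted block is also noticed.

```python
import hashlib
from datetime import datetime, timezone

# Constructed sample syslog lines standing in for archived log data.
SAMPLE_LOGS = [
    "Apr  1 10:01:02 fw01 kernel: DROP IN=eth0 SRC=203.0.113.5 DST=10.0.0.2",
    "Apr  1 10:01:05 web01 sshd[4121]: Failed password for root from 198.51.100.7",
    "Apr  1 10:01:09 web01 sshd[4121]: Accepted password for alice from 10.0.0.9",
]

GENESIS = "0" * 64  # previous-seal value for the first block (assumption)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def seal_block(lines, prev_seal=GENESIS, when=None):
    """Archive one block of log lines: hash the content, record the archive
    time, and bind both to the previous block's seal (hypothetical chaining)."""
    body = "\n".join(lines).encode()
    when = when or datetime.now(timezone.utc).isoformat()
    content_hash = sha256_hex(body)
    seal = sha256_hex(f"{prev_seal}|{content_hash}|{when}".encode())
    return {"lines": list(lines), "hash": content_hash, "timestamp": when,
            "prev": prev_seal, "seal": seal}


def verify_chain(blocks):
    """Recompute every hash and seal. Returns (ok, index_of_first_bad_block);
    index is -1 when the whole chain checks out. Note: the seals themselves
    must be kept where an attacker cannot rewrite them (e.g. write-once
    storage or a signed manifest) for this check to mean anything."""
    prev = GENESIS
    for i, b in enumerate(blocks):
        if b["prev"] != prev:          # block missing or reordered
            return False, i
        if sha256_hex("\n".join(b["lines"]).encode()) != b["hash"]:
            return False, i            # log content was edited
        expected = sha256_hex(f"{prev}|{b['hash']}|{b['timestamp']}".encode())
        if expected != b["seal"]:
            return False, i            # timestamp or hash field was edited
        prev = b["seal"]
    return True, -1
```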
Installation and configuration documents and the installation software came on a CD. The installation was easy, taking less than 30 minutes to get the system up and running. The company's website provided a great set of additional resources for using the tool. EventLog Analyser can be installed in 32-bit/64-bit VMware, Windows and Linux environments with minimal prerequisites/technical specifications. It should be installed on a dedicated PC or server: the software can be resource intensive, and a busy processor may cause problems while collecting event logs. However, once the system was running, it was easy to work with almost all of the functions and features.
The support costs were not clearly defined. Basic no-cost support is offered to evaluators who need technical support during their product evaluation. Email, telephone and web-based support is available during local business hours.
There are four support levels. The initial level handles basic customer issues. A more in-depth technical level provides support engineers. A higher level handles the most difficult or advanced problems and includes on-site aid by a technician. At the top level, a product manager steps in and gets the problem solved.
Without knowing the various support costs for the product, it is difficult to determine the full value. However, based on just the cost of the product itself, this is a good value for companies looking for an entry-level SIEM. Prices are US-based, thus indicative only.