Related Products
ADManager Plus

Active Directory Management & Reporting
Download | Demo
ADAudit Plus

Real-time Active Directory Auditing and UBA
Download | Demo
ADSelfService Plus

Self-Service Password Management
Download | Demo
Exchange Reporter Plus

Exchange Server Auditing & Reporting
Download | Demo
AD360

Integrated Identity & Access Management
Download | Demo
Log360

Comprehensive SIEM and UEBA
Download | Demo

Click here to expand

Reports for Applications

EventLog Analyzer has multiple report groups to track critical activity in Terminal servers, IIS Web Servers, SQL servers, and printers. The moment a suspicious event is detected, an alert notification will be sent via email or SMS. The following are the report groups available for applications.

Terminal Server Gateway Logons

These reports help in the monitoring of successful and failed connections in terminal servers. You can also track access to your critical resources using these reports.

Successful user disconnections from the resource
Successful user disconnections from the resource by administrators
Successful user connections to the resource
Failed user connections to the resource
Successful connection authorizations
Failed connection authorizations
Successful resource authorizations
Failed resource authorizations

Terminal Server Gateway Communications

These reports help in the monitoring of session activity in Terminal Servers.

Top Byte transferred
Top Byte received
Top Session Duration
Top activities based on events

Terminal Server Gateway Top Reports

These reports help determine which gateways, clients, and resources in your terminal servers have the highest usage.

Top Gateway Users
Top Clients
Top Resources

DHCP Windows Based Server Reports

These reports help monitor all critical activities in your DHCP Windows based servers such as lease granted, denied, or released, DNS updates, and critical requests. Since DHCP server auditing reports can track client-server exchanges that occur when IP addresses are allotted, these reports can be essential in detecting suspicious network activity.

Lease renewed by client
Lease denied
Lease Granted
Lease Released
Lease Expired
Lease Deleted
IP Found To Use in Network
Pool Exhausted
DNS Update Request
DNS Update failed
DNS update successful
Unreachable domain
BOOTP Lease Report
Authorization succeeded
Authorization failed
Server found in domain
Network failure
DHCP Logging started
DHCP Logging stopped
DHCP logging paused due to low disk
Critical Events Report
Error Reports
Warning Reports
Top Clients
Top Mac Address
DHCP Reports Overview

DHCP Linux Based Server Reports

Each step in the exchange of client-server messages in DHCP Linux based servers can be viewed using these reports. With these you can get information on the most active IP addresses, MAC addresses, gateways, and operations with the top N reports.

The DHCP Linux overview report will summarize all DHCP log events.

Discovers
Offers
Requests
Acknowledges
Releases
Negative Acknowledges
Abandoning IP
Information Report
DHCP Linux Overview
Top Operation
Top IP Address
Top MAC Address
Top Gateway

IIS FTP Server Reports

The IIS FTP Server reports can help you track user logons and logoffs, check what data is being shared, and also identify trends in the overall file sharing activity.

Logons
Failed Logons
Login attempts
File downloads
File uploads
Disconnects
File Transfer Aborts
File Deletions
Make Directories
Remove Directories
Rename Operations
List Directory Contents
Password Changes
Bad Sequence of Commands
Successful Commands
Command Syntax Errors
Transfer Incomplete due to insufficient space
Security Data Exchange
Top File Types Downloaded
Top File Types Uploaded
Top Users
Top Clients
Top Methods
Top Status
FTP Reports Overview

IIS Web Server Error Reports

With these reports, you can detect the problems users might be facing on your website and closely track all error alerts.

HTTP Status Success
Failed User Authentication
HTTP Bad Request
HTTP Payment Required
Site Access Denied
Password Change
HTTP Request URI Too Large
HTTP Request Entity Too Large
HTTP Expectation Failed
HTTP Unsupported Media Type
HTTP Locked Error
HTTP Bad Gateway
IP Address Rejected
Read Access_Forbidden
Write Access_Forbidden
Service Unavailable
Gateway Timeout
UNC Authorization Failed
Denied direct request to Global.asa
IO Operation Aborted
Web Server Restart
Web Server Busy
Information Reports
Success Reports
Redirection Reports
Client Error Reports
Server Error Reports

IIS Web Server Attack Reports

These reports can help you detect some of the most common and dangerous web server attacks instantly, including SQL injection attacks or denial of service attacks.

SQL Injection reports
Cross site scripting reports
Malicious URL Requests
Malicious File Executions
cmd.exe and root.exe file executions
xp_cmdshell executions
Admin Resource Accesses
Denied Directory listing
DoS Attacks
Directory Traversal
Spam Mail Header

Apache Web Server Error Reports

This report group can help you track several common HTTP error codes. It also has consolidated reports for both client errors and server errors. These reports help you identify which errors are occurring most frequently in your Apache web servers.

HTTP Status Success
HTTP Bad Gateway
HTTP Internal Server Error
HTTP Gateway Timeout
HTTP Request URI Too Large
HTTP Unsupported Media Type
HTTP Request Entity Too Large
HTTP Forbidden
HTTP Server Not Found
HTTP Request Timeout
HTTP Bad Request
HTTP Unauthorized
Information Reports
Success Reports
Redirection Reports
Client Error Reports
Server Error Reports

Apache Web Server Top Reports

These top reports can help you discover the most frequently occurring errors and rectify them. With these, you can also identify the most popular pages in your website and see who's accessing your site most often to get insights on user behavior.

Top Visitors
Top Users
Top URL
Top Browsers
Top Errors
Top Referrers
Apache Server Trend
Apache Reports Overview

Apache Web Server Attack Reports

These reports can help you detect some of the most common and dangerous attacks in Apache web servers such as SQL injection attacks or cross-site scripting errors.

SQL Injection reports
Cross site scripting reports
Directory Traversal
Malicious URL Request

SQL Server Advanced Auditing Reports

These reports assist database administrators in monitoring and tracking operational issues, unauthorized access to confidential data, and user permissions. Specifically, the Logins Information Report provides details on changes to login information, such as password alterations or updates to user and user group logins.

Column Modified Report
Last Login Time Report
Logins Information Report
Most Used Tables
Table Update Report
Index Information Report
Server Information Report
Waits Information
List Of Blocked Processes
Schema Change History
Object Change History
List Of Connected Applications
Security Changes Report
List Of Permissions
Last Backup of Database
Last DBCC Activity report

SQL Server DDL Auditing Reports

These reports help in monitoring and tracking structural changes within the database, including alterations to tables, views, procedures, triggers, schema, and other elements.

Databases Created
Databases Dropped
Databases Altered
Tables Created
Tables Dropped
Tables Altered
Views Created
Views Dropped
Views Altered
Stored Procedures Created
Stored Procedures Dropped
Stored Procedures Altered
Index Created
Index Dropped
Index Altered
Triggers Created
Triggers Dropped
Triggers Altered
Schemas Created
Schemas Altered
Schemas Dropped
DDL Events Summary

SQL Server DML Auditing Reports

The reports in this group can help you figure out when functional queries are executed, who executed them, and from where. You can also track activities such as data being viewed, updated, deleted, or new entries being added to your confidential data.

Selected Tables
Inserted Tables
Updated Tables
Deleted Tables
Execute Command
Receive Command
Check reference command executed
Jobs Added
Jobs Updated
Jobs Deleted
DML Events Summary

SQL Server Logon/Logout Events

This report group provides comprehensive insights into SQL Server logon and logout activities. These reports are helpful for monitoring user activity, detecting security threats, optimizing resource usage, and ensuring compliance with access policies.

Trusted Logons
Non-Trusted Logons
Top logons based on user
Top logons based on remote devices
Logons Trend
Logout Accounts

SQL Server Failed Logon Events

This report group monitor failed logon attempts in SQL Server, identifying top failure logons by users and remote devices while tracking trends over time. It helps quickly detect security breaches and authentication issues for effective mitigation.

Failed Logons
Top failure logons based on users
Top Failure Logons based on Remote Devices
Failed Logons Trend

SQL Server Startup Shutdown events

This report group provides insights into SQL Server's startup and shutdown events. It helps administrators monitor server activity, assess performance, and ensure smooth server operations.

Server Startups
Server shutdowns
Status Reports

Server Principal Changes

These reports can help you track create, update, and delete changes made to server principals.

Login Created
Login Dropped
Login Altered
Logins Enabled
Logins Disabled
Server roles Created
Server roles Dropped
Server roles Altered
Credential Created
Credential Dropped
Credential Altered

SQL Server Database Principal Changes

These reports can help you track changes made to any Database Principals, Applications, and Database Roles.

User Created
User Dropped
User Altered
DataBase Role Created
DataBase Role Dropped
DataBase Role Altered
Application Role Created
Application Role Dropped
Application Role Altered

SQL Server Password Changes

These reports help audit various methods of password changes within SQL Server.

All Password Changes
Own Password Changes
Own Password Changes Failed
Password Changes
Password Changes Failed
Password Reset
Password Reset Failed
Own password resets
Own Password Reset Failed
Logins Unlocked

SQL Server Audit Changes

These reports help audit the changes made to the Server audit or database audit configurations.

Server Audits Created
Server Audits Dropped
Server audits Altered
Server Audit Specifications Created
Server Audit Specifications Dropped
Server Audit Specifications Altered
Database Audit Specifications Created
Database Audit Specifications Dropped
Database Audit Specifications Altered
Audit Sessions Changed
Audit Shutdown on Failure

SQL Server Backup and Restore Events

These reports offer insights into SQL Server backup and restore events. It enables administrators to effectively manage data protection, monitor backup activities, and ensure database reliability and recoverability.

Database backup report
Database Restore
Database Backup Failed
Transaction log backup report
All Objects Backup Report

SQL Server Auditing Account Management

These reports can help you track changes made to any account with respect to the users, logons and logoffs, and passwords. You can also track the creation, deletion, or modification of privileged accounts to ensure that unauthorized privilege escalations don't take place. In addition, you can audit logon and logoff activities, and learn the reasons behind logon failures and instantly know when the password of a critical account gets changed, and more.

User Created
User Dropped
User Altered
Login Created
Login Dropped
Login Altered
Database Role Created
Database Role Dropped
Database Role Altered
Application Role Created
Application Role Dropped
Application Role Altered
Credential Created
Credential Dropped
Credential Altered
Own Password Changes
Failed Own password changes
Password changes
Password changes Failed
Password resets
Password resets Failed
Own password resets
Failed Own password resets
Unlocked accounts
Enabled users
Disabled users

SQL Server Auditing Server Reports

These reports help audit MS SQL Server activities such as startups, shutdowns, logons, logon failures, database backup, restoration, audit, audit specifications, administrator authorities, and a lot more.

Database backup report
Database restoration report
Transaction log backup report
Admin authority changes report
Permission changes report
Owner Changes report
Created server roles
Dropped server roles
Altered server roles
Created Server Audits
Dropped Server Audits
Altered server audits
Created Server Audit Specifications
Dropped Server Audit Specifications
Altered Server Audit Specifications
Created Database Audit Specifications
Dropped Database Audit Specifications
Altered Database Audit Specifications
Changed Audit Sessions
Shutdown and Failure Audits
Trace Audit C2 On
Trace Audit C2 Off
Started Trace Audits
Stopped Trace Audits
Server Startups
Server shutdowns
Logons
Failure logons
Logout Accounts
Top logons based on user
Top logons based on remote devices
Top failure logons based on users
Top failure logons based on remote devices
Logons Trend
Failed Logons Trend
Event Trend report

SQL Server Security Reports

This report group gives detailed information on SQL injection and denial of service attacks to help you conduct detailed forensic analysis on how the attack happened.

You can also track account lockouts, privilege abuses, and unauthorized copying of sensitive data with these reports.

Privilege Abuse
Unauthorized Copies of Sensitive Data#
Account Lockouts
SQL Injection
Denial of Service
Additional Security Events

SQL Server System Events

This report group monitors critical system events in SQL Server, including processes killed by the host, access violations, and insufficient resource events. It helps administrators identify and address system issues promptly for optimal server performance and stability.

Processes Killed by Host
Access Violation
Insufficient Resources Events

SQL Server DBCC Information Reports

These reports help you track the execution of DBCC commands in your SQL servers.

DBCC Check Catalog required
DBCC Check DB required
DBCC failure events

SQL Server Host Activity Reports

This report help you track host activity in your SQL servers.

Killed processes by hosts

SQL Server Integrity Reports

These reports ensure data integrity by consolidating SQL server error notifications, helping to detect any tampering with data.

Check Database Integrity
Check Catalog Integrity
Check Table Integrity
DBCC Error Events
Integrity check Failure

SQL Server Authority Changes

With these reports, you can track changes in role membership, permissions, and ownership, ensuring data integrity and security.

Role Members Added
Dropped Role Members
Permissions Changed
Ownership Changed

SQL Server Trace Changes

This report group offers a comprehensive overview of trace activity within SQL Server environments. They help in monitoring system activity and ensuring compliance with auditing standards.

Trace Audit C2 On
Trace Audit C2 Off
Started Trace Audits
Stopped Trace Audits

SQL Server Permissions Denied Reports

The SQL server permissions denied reports can help you track unauthorized access attempts on critical data.

Object permission denied
Column permission denied
Database permission denied
Alter DB permission denied

SQL Server Violation Reports

SQL server violation report can give you details on the access violations which could be indicative of an attack or data theft.

Access violation

SNMP Trap Type Reports

These report can help you consolidate the information from SNMP traps and help you manage your network better.

Cold Start
Warm Start
Link Down
Link Up
Authentication Failure
EGP Neighbor Loss
Enterprise Specific

SNMP Severity Reports

These reports can help you track the error and information events to ensure that critical issues are brought to your notice.

Error Events
Information Events

Oracle Auditing Reports

These reports provide insights into Oracle database access, command execution, critical task performance, and more, including who did what, when, and from where.

Created Databases
Dropped Databases
Altered Databases
Created clusters
Dropped clusters
Altered Clusters
Created Tables
Dropped Tables
Altered Tables
Selected Tables
Inserted Tables
Updated Tables
Deleted Tables
Created functions
Dropped functions
Altered functions
Created Schemas
Created procedures
Dropped procedures
Altered procedures
Executed procedures
Created triggers
Dropped triggers
Altered Triggers

Oracle Auditing Account Management

These reports can help track the creation, modification, and deletion of user accounts and roles. With these reports, you can also monitor who accessed a user account or role, from where, and when the event occurred.

Created profiles
Dropped profiles
Altered profiles
Users created
Dropped users
Altered users
Roles created
Dropped roles
Altered roles
Granted roles
Revoked roles
System Grant
System Revoke

Oracle Auditing Server Reports

These reports give insights on Oracle database access to monitor all user activity within the database. These reports help you audit user logons, remote logons, and user logoffs.

Connect Events
Server Startup
Server Shutdown
Logons
Failed Logons
Top logons based on users
Top logons based on remote devices
Top failed logons based on users
Top failed logons based on remote devices
Logon Trend
Failed logon trend
Oracle Events Trend

Oracle Security Reports

These reports help you detect attacks on Oracle databases such as SQL injections and Denial of Service attacks. With these you can also track expired passwords and account lockout to ensure that legitimate uses have uninterrupted access to resources.

SQL Injection report
Account Lockouts
Expired Passwords
Denial of Service Reports

MySQL Logon Events

These reports will help you track logons in your MySQL database to ensure that there is not unauthorized access to your MySQL database.

Logon Success
Logon Failures

MySQL General Statements

These reports help you track DDL and DML statements to make sure that there is no unauthorized modification or access to sensitive data.

DDL Statements
DML Statements
Transactional and Locking Statements
Utility Statements
Replication Statements

MySQL Database Administrative Statements

These reports can help you track database administrative statements including account management and resource group management statements in MySQL servers.

Account Management Statements
Resource Group Management Statements
Table Maintenance Statements
Component and Plugin Statements
Other Administrative Statements
Set Statements
Show Statements

MySQL Server Events

This report helps you track startup and shutdown events in your MySQL server.

Server Startup/Shutdown Events

Printer Auditing

The printer auditing reports help you keep track of the documents that get printed within your network. These reports can also help you identify which documents get printed the most and by whom. This can help ensure that sensitive information is not indiscriminately printed which can increase the risk of data theft.

Documents Printed
Deleted documents
Timed out documents
Moved Documents
Resumed Documents
Paused documents
Corrupted documents
Documents' priority changes
Insufficient Privilege to Print Documents
Top printed documents based on users
Top printed documents
Printer Activity trend
Failed Printer Activity Trend

Sysmon Process Auditing Reports

Process Created
Process Terminated
Remote Thread Creation
Process Access
Pipe Created
Pipe Connected

Sysmon Registry Auditing Reports

Registry Object Renamed
Registry Value Set
Registry Key Created
Registry Key Deleted
Registry Value Created
Registry Value Deleted

Sysmon File Auditing Reports

File Created
File Stream Creation
File Time Change
Raw Access Read

Sysmon Library and Drivers Reports

Drivers Loaded
Image Loaded

Sysmon Network Auditing Reports

Network Connection
DNS Query

Sysmon WMI Auditing Reports

WMI Filter Events
WMI Event Consumer Activity
WMI Consumer to Filter Activity

Sysmon Configuration Reports

Service State Change
Config Modification

ADSelfService Plus Product Activity Report

All Activity

ADSelfService Plus Debug Reports

Instances Created
Services Created
Server Started
Successful Logins
Failed Logins

ADSelfService Plus Web Access Reports

HTTP Status Success
HTTP Bad Gateway
HTTP Internal Server Error
HTTP Gateway Timeout
HTTP Request URI Too Large
HTTP Unsupported Media Type
HTTP Request Entity Too Large
HTTP Forbidden
HTTP Server Not Found
HTTP Request Timeout
HTTP Bad Request
HTTP Unauthorized
Information Reports
Success Reports
Responses over time
Client Error Reports
Server Error Reports

ADManager Plus Product Activity Report

All Activity

ADManager Plus Debug Reports

Instances Created
Services Created
Server Started
Successful Logins
Failed Logins

ADManager Plus Web Access Reports

HTTP Status Success
HTTP Bad Gateway
HTTP Internal Server Error
HTTP Gateway Timeout
HTTP Request URI Too Large
HTTP Unsupported Media Type
HTTP Request Entity Too Large
HTTP Forbidden
HTTP Server Not Found
HTTP Request Timeout
HTTP Bad Request
HTTP Unauthorized
Information Reports
Success Reports
Responses over time
Client Error Reports
Server Error Reports

ADAudit Plus Product Activity Report

All Activity

ADAudit Plus Debug Reports

Instances Created
Services Created
Server Started
Successful Logins
Failed Logins

ADAudit Plus Web Access Reports:

HTTP Status Success
HTTP Bad Gateway
HTTP Internal Server Error
HTTP Gateway Timeout
HTTP Request URI Too Large
HTTP Unsupported Media Type
HTTP Request Entity Too Large
HTTP Forbidden
HTTP Server Not Found
HTTP Request Timeout
HTTP Bad Request
HTTP Unauthorized
Information Reports
Success Reports
Responses over time
Client Error Reports
Server Error Reports

Endpoint Central SOM Management

Computer Modifications
Domain Changes
IP Scope Changes
Replication Policy Events
Agent Updates

Endpoint Central Remote Activity

Remote Control Activities
Remote Shutdown Actions

Endpoint Central Patch Management

Successful Patch Events
Policy Deployment Events

Endpoint Central Device Control Management

Whitelist Events
Temporary Access Events
Policy Events
File Extension Group Events
Policy Deployment Events

Endpoint Central Inventory Management

Inventory Scanning Changes
License Modifications

Endpoint Central BitLocker Reports

Recovery Key Audit Events
Policy Events
Policy Deployment Events

Endpoint Central User Management

Successful Logons
Password Policy Modifications
User Account Modifications
Role Changes
Other User Activities

ITOM Solutions Product Activity Report

All Activity

ITOM Solutions Debug Reports

Instances Created
Services Created
Server Started
Successful Logins
Failed Logins

ITOM Solutions Web Access Reports:

HTTP Status Success
HTTP Bad Gateway
HTTP Internal Server Error
HTTP Gateway Timeout
HTTP Request URI Too Large
HTTP Unsupported Media Type
HTTP Request Entity Too Large
HTTP Forbidden
HTTP Server Not Found
HTTP Request Timeout
HTTP Bad Request
HTTP Unauthorized
Information Reports
Success Reports
Responses over time
Client Error Reports
Server Error Reports