Searching Log Data for Network Security Intelligence

Detecting the activity of hackers and insiders is never easy. Enterprises may deploy the best network security solutions to detect and mitigate network anomalies, yet enterprise assets still get compromised. Protecting your network from every attack is impossible, but one reliable source can help you track down the activity of hackers and insiders: your log data. IT administrators need to conduct forensic investigations by searching their log data to track down network intruders and network problems. Your log data holds a detailed record of every activity that happened on the network, and IT administrators should leverage the network security intelligence their machine-generated log data provides.

Manually searching your log data is impossible, since you would have to go through thousands of event records. Wouldn't it be great if you could just type a few keywords and get what you are searching for in seconds? That would spare you the painful process of searching through the logs by hand. Using EventLog Analyzer's Log Search functionality, you can get the precise information you need and take proactive measures to secure your network and mitigate threats.

EventLog Analyzer's Log search engine

EventLog Analyzer's Log Search functionality is easy to use and supports free-form search. When a user enters a search criterion in the search bar, EventLog Analyzer rapidly drills down into the raw logs and retrieves the results for the query. Search criteria can include wildcards, phrases, and Boolean operators, and EventLog Analyzer also supports grouped searches and range searches. It does not limit you to a set of predetermined fields: you can search using event IDs, severity, source, username, IP address, and so on, or any combination of these, to meet your requirement.

EventLog Analyzer's log search helps users perform log forensic analysis. Using the log search functionality, users can drill down through terabytes of raw log data and find exactly what they are looking for.

Launch relevant searches from correlation reports

EventLog Analyzer includes a powerful correlation module that helps you identify attack patterns as early as possible. The in-depth correlation reports not only provide a ready-made timeline of the suspicious incident but also let you launch log searches with a single click, so you can review every activity involving the compromised devices and user accounts.

Log Search using Basic Search and Advanced Search

EventLog Analyzer provides two log search modes, Basic Search and Advanced Search. Both offer powerful search capabilities over your log data.

EventLog Analyzer's Basic and Advanced Search allow network administrators to pinpoint the exact log entry behind a security event, the exact time at which it happened, who initiated the activity, and the location from which it originated.

EventLog Analyzer's Basic Search lets users search for anything by simply typing a query in the search box; suggestions appear as the user types, simplifying the process. Basic Search permits wildcards, phrases, and Boolean operators in the query, and grouped searches and range searches can also be conducted.

EventLog Analyzer's Advanced Search offers much more sophisticated search capabilities while remaining as easy to use as Basic Search. It is used when the user is performing root cause analysis by correlating multiple events and attributes: the search is executed against multiple search criteria groups at one time. Filters can also be used with Advanced Search to filter out certain event types, severities, and other attributes.

IT administrators build complex queries to perform log searches. The real difficulty arises when they want to run the same search frequently and have to type the entire complex query each time to get their results. Wouldn't it be easier if those logs were bookmarked and the search could be done without retyping the query?

EventLog Analyzer provides a handy tagging tool that makes log search simpler and more effective. The tagging tool bookmarks your logs, and the next time you want to search for them you can search by tag name instead of typing the entire query. The feature also lets you add or edit the search criteria, so you can refine your search at any time, and you can attach troubleshooting tips or notes to a tag to help other users analyze those logs.
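As an added illustration of the search features described above (wildcards, phrases, Boolean operators, grouped and range searches over fields such as event ID, severity, source, username and IP address) and of tag bookmarks for saved queries, here is a small Python log search. It is not EventLog Analyzer's code or query syntax; the event records, the query grammar and the `tag`/`search_tag` helpers are constructed for the example.

```python
import fnmatch, ipaddress, re

EVENTS = [  # constructed sample event records (not real EventLog Analyzer output)
    {"event_id": 4625, "severity": "failure", "source": "DC01", "username": "jdoe", "ip": "10.0.0.15", "message": "An account failed to log on"},
    {"event_id": 4720, "severity": "success", "source": "DC02", "username": "admin", "ip": "192.168.1.5", "message": "A user account was created"},
    {"event_id": 4625, "severity": "failure", "source": "FS01", "username": "svc_backup", "ip": "10.0.0.77", "message": "An account failed to log on"},
]
# Tokens: ( ) field:value field:"phrase" field:[lo TO hi] "phrase" word; AND/OR/NOT are plain words.
TOKEN = re.compile(r'\(|\)|[\w.]+:(?:\[[^\]]*\]|"[^"]*"|[^\s()]+)|"[^"]*"|[^\s()]+')
def _key(s):  # ordering for range searches: numbers, then IP addresses, then text
    try: return (0, float(s))
    except ValueError: pass
    try: return (1, int(ipaddress.ip_address(s)))
    except ValueError: return (2, s)

def _match_term(term, ev):  # exact value, wildcard (* ?), "phrase" substring or [lo TO hi] range
    field, sep, value = term.partition(":")
    if not sep: field, value = None, term  # bare term: search every field
    elif field not in ev: return False
    rng = re.fullmatch(r"\[(\S+) TO (\S+)\]", value)
    for cell in [str(ev[field])] if field else map(str, ev.values()):
        if rng: ok = _key(rng[1]) <= _key(cell) <= _key(rng[2])
        elif value.startswith('"'): ok = value.strip('"').lower() in cell.lower()
        else: ok = fnmatch.fnmatchcase(cell.lower(), value.lower())
        if ok: return True
    return False

def compile_query(query):  # AND / OR / NOT with parentheses (implicit AND between terms) -> predicate
    toks = TOKEN.findall(query)
    peek, take = (lambda: toks[0] if toks else None), (lambda: toks.pop(0))
    def p_or():
        f = p_and()
        while peek() == "OR": take(); f = (lambda l, r: lambda e: l(e) or r(e))(f, p_and())
        return f
    def p_and():
        f = p_not()
        while peek() not in (None, "OR", ")"):
            if peek() == "AND": take()
            f = (lambda l, r: lambda e: l(e) and r(e))(f, p_not())
        return f
    def p_not():
        t = take()
        if t == "NOT": inner = p_not(); return lambda e: not inner(e)
        if t == "(": inner = p_or(); take(); return inner  # second take() consumes ")"
        return lambda e: _match_term(t, e)
    return p_or()
def search(query, events=EVENTS): return [e for e in events if compile_query(query)(e)]
TAGS = {}  # bookmark a complex query under a name, with a note for other analysts
def tag(name, query, note=""): TAGS[name] = {"query": query, "note": note}
def search_tag(name, events=EVENTS): return search(TAGS[name]["query"], events)
```

A query such as `(username:admin OR source:FS01) AND severity:success` combines a grouped Boolean search with a field filter, and `ip:[10.0.0.1 TO 10.0.0.100]` is a range search over an address block.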

Use flexible search options to gain insights from millions of network logs
