Forensic investigations and event logs

Event logs are the first line of investigation when something goes wrong; they provide a history of events. However, it is often difficult to reconstruct the timeline of a disaster using logs alone. Because each computer on the network has its own security log, you are often stuck with fragmented audit trails. The critical activity that you need to find is too often scattered among dozens of computers, leaving you with no way to view and analyze your network's security activity as a whole. And since locally stored event log files can be tampered with, this audit trail is not even secure.

GFI EventsManager™ solves the problem by consolidating all security events into a single database. It provides a range of search and drill-down tools, comprehensive reporting capabilities and customizable reports. All this information is available instantly without having to employ consultants to carry out expensive investigations. Through GFI EventsManager's extensive diagnostic tools, you can easily conduct forensic investigations in-house, saving you time and money.

Why use GFI EventsManager for forensic and diagnostic investigations?

  • Monitor for critical security events network-wide - detect attacks & malicious network users
  • Receive alerts about critical events on Exchange, ISA, SQL and IIS Servers
  • Back up and clear event logs network-wide, and archive to a central database
  • No client software/agents required

Awards and reviews

    • ‘Preferred Product’ award for GFI EventsManager
      GFI EventsManager is named preferred product in the ‘best security auditing product’ category of Redmond Magazine’s Best of the Best Readers Choice Awards 2011.
      Redmond - December, 2011

    • HP Converged Infrastructure Ready Certification
      GFI Software, an HP alliance partner, has been certified HP Converged Infrastructure Ready - demonstrating GFI’s expertise in delivering solutions that are Converged Infrastructure compliant.

    • InfoWorld reviews GFI EventsManager
      "GFI EventsManager Report Pack comes with dozens of predefined reports (mostly Windows-related), each of which can be edited or used to make new reports." - InfoWorld

    • Editor’s Choice
      In a comparative review of log management products in Windows IT Pro, the magazine gives GFI EventsManager 4.5 marks out of 5 for both its ease of implementation and ease of use. The reviewer recommends GFI EventsManager for anyone “whose log management needs are limited to Windows Events logs, syslog output and W3C log file information”. - Windows IT Pro