Latest release: GFI LanGuard – Now with the NEW web based reporting UI and greatly increased scalability for larger networks Learn more

Forensic investigations and event logs

Event logs are the first line of investigation when something goes wrong; they provide a history of events. However, it is often difficult to reconstruct the timeline of disaster, just using logs. Because each computer on the network has its own security log, you are often stuck with fragmented audit trails. The critical activity that you need to find is too often scattered among dozens of computers. You are left with no way to view and analyze your network's security activity as a whole. Since locally stored event log files can be tampered with, this audit trail is not even secure.

GFI EventsManager™ solves the problem by consolidating all security events into a single database. It provides a range of search and drill down tools, comprehensive reporting capabilities and customizable reports. All this information is available instantly without having to employ consultants to carry out expensive investigations. Through GFI EventsManager's extensive diagnostic tools, you can easily conduct forensic investigations in-house in, saving you time and money.

Why use GFI EventsManager for forensic and diagnostic investigations?

  • Monitor for critical security events network-wide - detect attacks & malicious network users
  • Receive alerts about critical events on Exchange, ISA, SQL and IIS Servers
  • Back up and clear event logs network-wide, and archive to a central database
  • No client software/agents required

Next steps