Event log data is a unique source of information for security, audit, compliance and troubleshooting. The native event logging mechanisms provided by Windows and Unix systems and by network devices (such as Cisco and Checkpoint) lack the built-in consolidation, archiving, alerting and reporting features required to use event data effectively and to comply with external regulations such as SOX, HIPAA, PCI, and others. Numerous event logs and syslog events stored in uncompressed format and spread all over the network, with tons of events lost every day because of overwrites, represent a big security and compliance issue.
Netwrix Event Log Manager is an event log consolidation, alerting and archiving tool that allows you to collect event logs and syslog events from multiple computers across the network, alert and report on the most critical events, and centrally archive all events in a compressed format that enables convenient analysis of archived event log data.
The Freeware edition supports up to 10 servers. The product also has an Enterprise edition that supports an unlimited number of servers and features long-term archive storage and distributed data collection for the highest performance. Long-term archiving of event logs is required by compliance regulations, e.g. SOX and HIPAA require 7 years of data, PCI requires 1 year, etc.
Features and benefits:
Looking for a configuration auditing solution? Try Netwrix Auditor.
Unlike traditional log management solutions (SIEM), which are too generic and don't meet change auditing needs, Netwrix Auditor helps to easily find relevant answers to key questions: who changed what, when, and where in the entire IT infrastructure, including previous and new values for modified settings. The product generates easy-to-understand reports with complete information on every change that has occurred in the IT infrastructure, and helps to sustain regulatory compliance, adhere to business processes, tighten security, minimize risk, avoid downtime, and monitor network resources.