EventSentry is a hybrid SIEM (security information and event management) solution which offers businesses a range of tools including event log monitoring, reporting, health monitoring, compliance management, network monitoring, environment tracking, data consolidation, Active Directory integration, and more. The platform combines real-time event log monitoring with health, environment, and network monitoring to provide businesses with a 360 view of their servers and endpoints.
The event log monitoring feature within EventSentry allows users to track events in real time, filter messages based on custom parameters, and send them to the relevant people or places. The platform facilitates the matching of events based on properties such as source, category, message, ID, and more, as well as wildcard and regular matching. EventSentry can be used to monitor system health in real time, and track hardware, uptime, software, applications, file changes, processes, and more. Other features of EventSentry include environment monitoring, web reports, compliance management, real-time notifications and alerts, and log consolidation.
The company our IT department is working for is a small to mid-size company (~550 users).
Our team consists of two system engineers, which makes it challenging to always keep track of changes and events on our Windows servers.
We invested some time in searching for a suitable SIEM product for Microsoft Windows eventlog consolidation and event notification.
After we found other solutions to be either overkill/pushy or overpriced, we decided to evaluate EventSentry.
The installation was straightforward and intuitive.
It came with several pre-configured Windows event log packages to filter out irrelevant event log noise and to give you a quick clue about how the system works:
- which event log / source to monitor
- the IDs you are interested in
- actions to take if the event occurs
Besides this important process of constantly monitoring the Windows event logs of all our Windows servers, we soon found out that there's more for us:
- Monitor changes to important system files and directories
- Monitor MS Active Directory
- Monitor software installation and changes
- Consolidate custom log files like for Microsoft Exchange
- and so much more
To be honest, it took some time and testing until we had EventSentry configured to track all the relevant edges of our infrastructure.
But during that time it was always a pleasure to work with the not-buggy and intuitive GUI.
Also, we learned to love the web interface (WebReports), which displays all kinds of status information and lets us search and filter through all the event logs and software products we use.
After 2-3 months EventSentry totally became a part of our daily work life, running stable and reliable.
This product is a valuable addition for our security roadmap, as it gives us the possibility to verify its effectiveness and automate countermeasures.
And there's still a lot to discover and utilize (we currently only monitor Microsoft Windows systems).
Notable is also the customer support and documentation. Communication was always easy and direct.
A bug I reported was quickly fixed and even a feature request I sent in has been implemented within a very short time.
The documentation is comprehensive and useful.
Trialing the software was easy and seamless, without notable impact on our servers, so you should definitely give this a try!
The flexibility and range of use
Nothing notable so far
Did a WebEx with my supervisor to demo EventSentry and show how I’m using it here in our East Coast office. Whenever my boss asked a question, I could display info and immediately provide an answer with just a few mouse clicks. Simple, fast, and on-point. He was very impressed.
Installation of upgrades has been smooth and easy. I don't worry that an upgrade will cause loss of my event log data.
Excellent documentation of EventSentry installation procedures, use of features, and troubleshooting methods.
My company is starting to purchase more licenses and expand use of EventSentry to more of our systems. It's exactly what we need for event log consolidation, auditing, and system management.
I use several tools for management of computers and networks. EventSentry stands out with its clean, colorful, easy-to-use interface.
Set up a web report/data view you need and bookmark it. Quickly surf through browser tabs to view exactly what you're looking for. Identify a problem, assess the situation, then click on the data/graph to drill down for more detail.
EventSentry Tech Support staff is outstanding. I've contacted them several times by phone and email. Prompt response and friendly customer service. Most important - they quickly grasped the problem and clearly communicated how to troubleshoot and fix. Stayed with me until problem solved.
So far I haven't found anything that merits concern or criticism.
I've worked in SMBs and Enterprise IT for over 10 years and have yet to find a monitoring solution that compares with EventSentry in the areas of event management, perfmon reporting, alert capability, and ease of use. On top of all of these qualities, the support staff is outstanding and the cost/value ratio is heavily stacked in the client's favor.
- Comprehensive and Customizable Event Management
- At a previous company I was tasked with finding an SIEM solution and so investigated and/or demoed all of the top Gartner-recommended solutions. While many of these solutions were powerful, their TCO was likewise significant, and they were overkill for the operational monitoring we needed. The EventSentry solution was a breath of fresh air with its comprehensive event collection that did not parse events like most SIEMs, but gave us all events in their original glory in REAL-TIME unlike many of the other guys.
- Ease of Setup
- Within just a couple of hours and minimal help I had a good handle on the management interface and was gathering events and perfmon counters for multiple servers. The GUI is intuitive and well-designed so it's easy to pick up, and the built-in filters and collection settings are robust and well thought out to eliminate much of the noise in Event Logs.
- Simplicity of Searching old events
- This is another huge win for EventSentry. This product has a clear and understandable interface that allows for searching by multiple variables, or simple full text queries. Not only is it easy, but it is fast and is a resource for real-time troubleshooting of production issues.
- Beautiful Web Interface
- While the built-in perfmon graphs in Windows are useful, they leave a lot to be desired on the user-friendly and understandability front. Enter EventSentry with its beautiful charts that are content-rich and customizable. Add to this the ability to compare the same perfmon graphs across multiple systems with the ease of a click and drill down to a second or zoom out to months and you have yourself a thoroughbred that both the business leaders and IT can love.
- Let me be clear in saying I can't say enough good things about this product. My advice is to stop reading my comments and get the trial!
This product and the team that supports it are the REAL DEAL. I could not recommend any product more highly and encourage you to try this product and prove it for yourself!
What a Fantastic product!!!! The installation and configuration was far more intuitive and even quicker than the previous version that we tried. Configuring how and when to send emails (and even shutting them off completely) was just in-your-face simple, and the amount of time it took us to go from download to getting value was significantly less than we had been expecting for a product of this magnitude. I am, frankly, astonished that your team has been able to make such strides in a little more than a year's time.
I did, unsurprisingly, need to reach out to the support desk for a little help, which was both smooth and very pleasant this time around. The issue was a complete oversight on my part, but very quickly diagnosed and resolved. The technician could also tell that I had just finished the installation process, and was happy to poke around at a few of the other default settings to make sure I wouldn't have any other issues, and he answered any and all of my questions while on the phone.
The usefulness. We spent a few weeks trying to work with Open Source tools like Security Onion to get syslog and system uptime monitoring in place, and ultimately moved on to look for easier to configure/understand products. EventSentry came in significantly cheaper than other non-open-source systems, and has even more features than we were expecting to get use of.
The console interface is not the most intuitive that I've seen, but once you understand the system with a quick look through the manual, it's pretty simple to get going and get a lot of use out of the system. If I hated looking through manuals like some other people I know, this could have caused a momentary issue.
This product is feature rich. You can customize email alerts to keep you informed in real time about various issues, i.e. a hard drive going bad, and set it up to send to appropriate parties. Along with event monitoring, it provides heartbeat monitoring, syslog monitoring, SNMP, and much more. We're an organization that has to be HIPAA compliant and the predefined HIPAA reports help us. The price is great. The staff have all been very friendly and helpful. They are very quick to respond through email and I've always been able to get someone on the phone. They are great at communicating and resolution should you need assistance. We tried another SIEM system in the past, but it was difficult to get it functioning properly for our needs and didn't provide anywhere near the features EventSentry does. They also didn't provide the level of customer support we receive with EventSentry, but to be fair not many other businesses offer such stellar support.
One full license has an initial purchase fee of $85. Contact Netikus for more information on pricing.
Here are some frequently asked questions about EventSentry.
License types available for EventSentry:
Starting from: US$85.00
License type: One-time license, Subscription
Free trial: Available
Features of the EventSentry software:
Typical users of the EventSentry software:
Large enterprises, Mid-size businesses
Languages in which EventSentry is available:
License types available for EventSentry:
One-time license, Subscription
We have no information on the devices supported by EventSentry.
We have no information on the integrations offered by EventSentry.
Support resources available for EventSentry:
FAQ, Knowledge base, Online support, Phone support, Video tutorials