- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy-to-use functionality.
- Weaknesses: No event or threat correlation engine.
- Verdict: A good choice for smaller enterprises.
Looking for a quick and agentless system to collect and analyze logs from Windows, Linux, Unix and other syslog devices? EventLog Analyzer may be just the thing. This small application can be set up in just a few minutes and packs quite a punch for its size. Its main strength is in the agentless system and its ability to quickly collect and analyze logs for compliance reporting, as well as alerting and trending.
We found this product to be easy to set up and configure. The initial installation is run from a single executable. A short setup wizard installs all the necessary components, including the web-based management console. At the completion of setup, the rest of the configuration, as well as all management and analysis, is done through this console. We found the console to be well-organized with an intuitive layout.
This product also shines with its log-searching ability. Logs can be quickly and easily browsed or searched and then drilled into for deeper analysis, providing an excellent amount of information on alerts and events.
We also found this drill-down capability on the dashboard, so it was easy to spot events and take the appropriate actions. The only place where this product falls a little short is that it does not do event correlation.
Documentation included a single PDF user guide, which details the product from installation through configuration and management of product functions. We found this guide to be well-organized, but it lacked screenshots and examples, which would be helpful in configuring advanced functionality.
Customers can purchase support as part of an agreement that includes access to 24/5 phone and email technical assistance, as well as updates and minor release upgrades. Also available to customers is an online support area that includes resources such as a knowledge base and online documentation.
With prices starting at just under $400, we find this solution to be a very good value for the money for smaller environments that are looking for a good SIEM with solid functionality.