Questions about Ipswitch products?
Contact Us: 1-877-386-3763
Direct: 1-780-430-6240
Free Evaluation Download Event Analyst Pricing WhatsUp Gold Event Alarm Log Management

WhatsUp Event Alarm©

Automated Log Filtering, Correlation and Reporting

Overview Overview
Overview Features
Documentation FAQ

WhatsUp Event Alarm® Overview

Keeping your network and your data secure is easier said than done. Your infrastructure and applications generate thousands of event and security logs every hour and every day. Maintaining a watchful eye over individual log files, repeated login failures and multiple event ids is impossible to do manually. You need an automated system that can monitor all your log files across your entire infrastructure in real-time – and bring only the critical events to your attention so that you can respond to them effectively and quickly.

Without real-time automation of your log monitoring, it is easy to miss the critical few security events in a flood of benign messages

WhatsUp Event Alarm® is an easy-to-configure network security software application that can alert network staff the moment specific events happen anywhere in the network. Running behind the scenes as a set of Windows services, Event Alarm constantly watches over log files, immediately sending out alert notifications at the first sign of trouble. With advance warning from Event Alarm, network personnel can initiate investigation and triage processes as per their established security policies and compliance requirements.

With WhatsUp Gold's Event Alarm you can:

  • Monitor your Windows Event logs (EVT and EVTX), Syslog files and W3C/IIS logs for specific event occurrences
  • Send notification to stakeholder groups via multiple modes of communication
  • Choose from more than 100 different pre-packaged alarms covering commonly tracked events
  • Allow flexible grouping and customization for highly contextual alarming
  • Gain from quick out-of-the-box deployment covering most standard event types
  • Initiate rapid response processes for operations triage and resolution
  • Meet regulatory requirements for log management and security problem resolution
  • Use it independently or as part of the WhatsUp Gold Log Management suite

Key Capabilities of the WhatsUp Event Alarm include:

Broad Range of Event Notification Mechanisms

Event Alarm offers the network administrator a wide range of event notification options including email alerts, network pop-ups, pager calls, Syslog server forwarding, database insertion or broadcast notifications to administrators running Event Alarm's custom notification program. Event Alarm notifications are highly flexible, with many alarm customization and grouping options. This enables network security personnel to adapt Event Alarm notifications easily into their operational workflows.

Compatibility with Both EVT and EVTX Windows Event Logs

Windows event log format underwent a major change with the release of Windows Vista and Windows Server 2008. Prior versions of Windows supported the EVT event log format, while Vista and Windows 2008 and later versions will support the EVTX format. WhatsUp Event Alarm monitors and alerts on both EVT and EVTX log file formats — using its patented and exclusive Log Refiner™ technology.

Combined Windows Event, W3C & Syslog support

WhatsUp Event Alarm monitors more than just the security event logs — it supports standard Windows events and Syslog files generated by network devices, Unix and Linux systems as well. Plus, WhatsUp Event Alarm also oversees W3C logs to give you visibility across your Web Servers, Load Balancers, Firewalls, Proxy Servers or Content Security appliances. Network administrators find everything that they need in one single and consistent tool.

Dual Modes of Remote and Agent-Based Monitoring of Log Files

WhatsUp Event Alarm can watch over event logs on remote machines without any client software installed on the host. A network administrator can adjust specific alarms and corresponding notifications on multiple infrastructure devices across their domain from one central console. However, if the network security policies restrict remote monitoring across the WAN, WhatsUp Event Alarm can operate via a hosted agent architecture that runs a copy of the software in each log server. This dual agent / agentless architecture truly sets WhatsUp Event Alarm apart from competing log monitoring products currently on the market.