WhatsUp Event Archiver Overview
Event Archiver automates the process of collecting, storing and backing up log files for auditing, regulatory compliance and log forensics. This is how it works: Event Archiver automatically saves and clears the active log files from each system, reads log entries out of the log files into a central database (e.g. Microsoft SQL or Oracle), and finally compresses the log files and stores them centrally on a secure server. WhatsUp Event Archiver has been awarded the Certificate of Networthiness (CoN) from the U.S. Army Network Enterprise Technology Command because it meets the U.S. Army's strict security, sustainability and interoperability requirements.
Did you know that some compliance regulations mandate log data retention for seven years or more? Having log data ready in a central database greatly reduces risks and the potential for lost hours when an auditor comes knocking. Use WhatsUp Event Archiver to eliminate tedious manual log file collection activities and save time; easily archive log data to meet compliance and auditing requirements; and ensure log data integrity.
With WhatsUp Event Archiver you can:
- Automate log file collection tasks across systems and devices for log forensics, compliance and auditing
- Enable remote collection of log files from across the distributed network
- Ensure log file integrity and complete protection against log file tampering via cryptographic hashing
- Automatically store, archive and back-up log files as required
- Eliminate management headaches related to maintaining large and growing log file databases
- Meet regulatory requirements on what log data you need to collect, store and hold over time
- Use it independently or as part of the WhatsUp family of Event Log Management solutions
Event Archiver Features
Log Collection
- Enables scheduled collection of Windows and W3C/IIS logs from multiple systems from one console
- Supports both remote and hosted agent data collection architectures
- Supports all Windows versions from NT through Windows 7 (NT, 2000, XP, 2003, Vista, 2008 and Windows 7)
- Includes LogRefiner™ technology to normalize EVT (XP/2003) and EVTX (Vista or later) log files; even archive EVTX logs from an XP/2003
- Allows 'leave a copy' collection of active log data on the server
- Facilitates remote log data collection through the Importer utility
- Automatically transfers log files beyond a specified file size to a working directory for local processing to optimize bandwidth and processing costs
- Allows the creation of logical workgroups for easier management of multiple servers
Log Storage
- Enables storing of collected Windows log data to a centralized data store
- Works with your existing Microsoft Access or Microsoft SQL databases
- Handles automatic database maintenance tasks based on file size or time-based purging
- Enables multi-year data storage in compliance with regulatory requirements
- Protects archived files from tampering via cryptographic hashing
- Provides flexible and powerful database filtering to allow only selected events to be imported
- Protects against incomplete import of older log files by rolling back changes unless the entire process is completed
Save Time; Get rid of Time-Consuming Manual Processes
Automate the process of collecting, storing and archiving log files across your infrastructure. You will ensure complete accuracy, and save time and effort by eliminating manual log file collection tasks.
Reduce risks and liabilities
Facilitates log file collection, archiving, storage and backup needed to meet log data retention mandates imposed by compliance regulations such as HIPAA, SOX, FISMA, PCI, MiFID, Basel II and others.
Event Archiver at a glance
- Automatically collect Syslog, Microsoft events or W3C/IIS logs across your infrastructure: devices, servers, systems, Web Servers, Load Balancers, Firewalls, Proxy Servers, or Content Security appliances
- Robust and reliable, 'set once, run forever' type capability that requires little ongoing maintenance
- Eliminates time, effort and IT budget required for manual collection, consolidation and storage of Windows log data by automating all these processes
- Automates key maintenance tasks for some databases like MS Access and MS SQL - reducing time and effort required to maintain large log file data stores
- Critical to meeting internal security and regulatory compliance requirements that involve collecting and storing log files, including Sarbanes-Oxley, Basel II, HIPAA, GLB, FISMA, PCI DSS, NISPOM and others
- Provides immediate access to stored log files for operational triage and cuts down time to resolution for security events
- Enables historical forensic analysis that informs the setup of better compliance policies and security standards
Event Rover Frequently Asked Questions
- Is the evaluation version of Event Archiver fully functional?
A: Yes, it is fully functional for managing the logs of up to 50 machines, and it does time out in 30 days.
- Do I have to install clients to each workstation/server I collect logs from?
A: No. Event Archiver manages all logs remotely, and no client installation is required. This greatly simplifies deployment. In some environments, such as networks consisting of multiple sites separated by WAN links, multiple installations of the software at each site are recommended.
- I have logs from 20 servers and 100 workstations that I want to archive. Event Archiver however runs on only my machine. How many licenses do I need?
A: Event Archiver is licensed per server and/or workstation from which logs are being archived. Therefore, you would need 20 server licenses and 100 workstation licenses.