Complete Event Log Viewing, Monitoring and Management.


2 Complete Event Log Viewing, Monitoring and Management

3 Event Log Sentry & View Functionality Summary
- Remote viewing of multiple event logs with filtering capabilities
- Real-time notification of critical events
- Automatic response to selected events
- Automatic event storage in MS SQL Database
- Automatic clearing and archiving of event logs
- Centralized management of Audit Policies and event log settings

4 Event Log View: Consolidated Event Log Viewing

5 When do you view your event logs?
- Best practices require daily viewing
- Diagnostic event viewing when systems fail

6 Functionality of Event Log View
- Consolidated view of Event Logs
- Grouped machines for strategic viewing
- Complete event log information presented
- Detailed filtering capabilities
- Create and store custom filters
- Custom filters for 3rd party applications (in development)

7 Why use Event Log View?
- Best practices require daily viewing of all event logs. Event Log View makes it possible to satisfy best practices by streamlining and simplifying the viewing process
- Event Log View reduces the time and resources spent viewing event logs and, as a result, reduces the related TCO (Total Cost of Operations)

8 Event Log Sentry: Centralized Event Log Monitoring and Management

9 Monitoring Functionality of Event Log Sentry
- Monitor event logs for critical events and receive immediate notification when they occur
- Multiple notifications in response to events
  - Email (Pager, Cell phone, Blackberry, etc.)
  - Popup
- Customizable messages in notifications, including macros (variables)
- Integrated templates for 3rd party solutions

10 Automated Responses
- Ability to run two automated actions per event trigger
  - Run console applications
  - Run batch files
  - Custom scripts
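To make slides 9 and 10 concrete, here is an added example (not Engagent's code; the slides show nothing of Event Log Sentry's internals) of the monitor, notify and respond loop: rules match records by log, severity and event ID, a template with $MACRO variables is expanded into the notification text, and at most two actions run per trigger. The sample records, rule names and action strings are constructed for the example.

```python
from collections import namedtuple
from dataclasses import dataclass, field
# One event log record: log is "System", "Application" or "Security".
Event = namedtuple("Event", "log source event_id severity computer")

@dataclass
class Rule:
    name: str
    log: str
    severities: set                                # e.g. {"Error", "Audit Failure"}
    event_ids: set = field(default_factory=set)    # empty = match any event ID
    template: str = "$NAME on $COMPUTER: $SOURCE event $EVENTID ($SEVERITY)"
    actions: list = field(default_factory=list)    # callables; at most two (slide 10)

def matches(rule, ev):
    return (ev.log == rule.log and ev.severity in rule.severities
            and (not rule.event_ids or ev.event_id in rule.event_ids))

def render(template, rule, ev):
    # Expand the $MACRO variables a notification template may contain.
    macros = {"$NAME": rule.name, "$COMPUTER": ev.computer, "$SOURCE": ev.source,
              "$EVENTID": str(ev.event_id), "$SEVERITY": ev.severity}
    for key, value in macros.items():
        template = template.replace(key, value)
    return template

def process(events, rules):
    # Return (notification text, action results) for every rule an event trips.
    triggered = []
    for ev in events:
        for rule in rules:
            if not matches(rule, ev):
                continue
            if len(rule.actions) > 2:
                raise ValueError(f"rule {rule.name!r}: at most two actions per trigger")
            triggered.append((render(rule.template, rule, ev),
                              [action(ev) for action in rule.actions]))
    return triggered

# Constructed sample records and rules (not from the presentation).
SAMPLE_EVENTS = [
    Event("Security", "Security", 529, "Audit Failure", "FS01"),
    Event("System", "EventLog", 6008, "Error", "FS01"),
]
RULES = [
    Rule("Failed logon", "Security", {"Audit Failure"}, {529},
         actions=[lambda e: f"popup:{e.computer}"]),
    Rule("System error", "System", {"Error"},
         actions=[lambda e: "email:admin", lambda e: "batch:collect_logs"]),
]
```

Running `process(SAMPLE_EVENTS, RULES)` yields one notification per matched rule together with the results of its actions; a rule carrying more than two actions is rejected.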

11 Why monitor your event logs with Event Log Sentry?
- Decrease administrative response time to critical events to prevent system failures
- Uninterrupted end-user productivity due to automated triggers
- Proactive monitoring means:
  - Reduced TCO associated with repairing system failures, since problems are resolved before system failures occur
  - Administrators' time is spent on priority projects instead of reactive repair and analysis

12 Automated Event Log Clearing with Event Log Sentry
- Schedule automated clearings for multiple event logs on non-production hours

13 Why Automate Event Log Clearing?
- Event logs never reach maximum capacity, so no information is lost
- Reduces TCO since administrative resources are not used to clear event logs

14 Event Log Archiving with Event Log Sentry
- Archives raw .EVT files to back-up server

15 Why do you need to automate event log archiving?
- Automation ensures that archiving occurs
- Second source of original event information for diagnostics and audit trail purposes
- Best practices require backup of all critical event log information

16 Storing Events in an SQL Database with Event Log Sentry
- Migrate specific events into SQL Database using native SQL Server API

17 Why store events in an SQL Database?
- Long-term data analysis
- Use standard reports with Seagate Crystal Reports or create customized reports
- Provides Audit trail
- Uses MS SQL Server proprietary API calls
  - Faster than ODBC
  - Non-interference with other SQL Clients that may be running

18 Managing Policy Settings with Event Log Sentry
- Centralized management of Event Log Settings and Audit Policies
- Regular scans of settings and ability to reset policies and settings according to selected template(s)

19 Why centralize Policy and Auditing Settings?
- Ensures correct event information is written to Security Log
- Enforces consistent conformance with corporate security policies across all machines

20 Managing Event Log Sentry
- Easy distribution of agents to servers or workstations in all domains
- Template-based design so that changes to multiple machines are performed with ease
- Global templates and domain-level templates for simplified management

21 The Distributed Architecture of Event Log Sentry

22 How does Event Log Sentry Work?
- Event Log Sentry Server for Database Migration and .EVT Backup
- Event Log Sentry Admin Console on Admin workstation
- Event Log Sentry Agents on any machine whose event logs will be processed

23 Benefits of Event Log Sentry's Distributed Architecture Design
- Centralized management
- Easily manages multiple domains
- Load Balancing for continued monitoring and management
- Efficient network/processor utilization
- Scalable for large enterprises

24 How scalable is Event Log Sentry?
- Test environment
  - 50 Servers
  - 200 Workstations
- Tasks Performed
  - Monitoring selected events
  - Migrating selected events
  - Archiving

25 Test Environment Performance
- Used one Event Log Sentry Server
  - Migrate Events
  - Backup Logs
- Processor Utilization and Network Traffic
  - Unaffected on all monitored machines (250)
  - Processor Utilization on the Event Log Sentry Server hovered around 3% and never exceeded 7%
  - Event Log Sentry Server also ran PDC and SQL Server

26 Conclusions from Test Environment
- Installations up to 500 Servers will only require two Event Log Sentry Servers for same performance as test environment
  - One for Backup
  - One for Database Storage

27 Works with Windows 2000
- NT Event Logs
  - System
  - Application
  - Security
- Windows 2000 Active Directory Logs
  - Directory Service
  - DNS Server
  - File Replication Service

28 Event Log Sentry and Event Log View Overall Benefits
- Immediately isolate and prevent system and security threats through real-time notifications and automated actions
- Research failures and breaches through an archived repository
- Increase network visibility to improve security and systems management
- Reduces TCO by reducing time spent viewing, monitoring, and managing event logs

29 Engagent Inc.
Engagent, 11889 98th Ave NE, Kirkland, WA 98036, (877) 820-7980
