A new build of GFI EventsManager ReportPack 8.1 (build 20080627) has been uploaded. Changes within this release include: FIXED:Issue with displaying SNMP traps critical events FIXED:Issue withshowing the PCI reports

A new build of GFI EventsManager 8.1 (build 20080702) has been uploaded. Changes within this service release include: NEW: Reminder-ware and eCommerce integration NEW: DICR optimizations: (i) Improved quick start dialog (ii) Quick start guides for adding event sources, creating rule and working with database operation (iii) From the reporting page you can download and install the report pack as well as launch open it once it is installed (iv) Improved installation process NEW: SNMP traps v2 alerting support NEW: Support for passing field names as parameters in run command actions for rules FIXED: ESM stops collecting Syslog and w3c events when SQL Audit was not enabled from the license FIXED: Logging system was enhanced, it doesn't create anymore empty files

A new build of GFI EventsManager 8.1 BETA 1 (build 20080609) has been uploaded. Changes in this build include: List of new features SNMP traps v2 alerting Support for passing field names as parameters in run command actions for rules Improved Quick Start Dialog New Quick Start Guides for adding event sources, creating rules and working with database operations The GFI EventsManager ReportPack can be downloaded and installed from the reporting page. Improved installation process List of fixes GFI EventsManager stops collecting Syslog and W3C events when SQL Audit is not licensed Logging system occasionally creates empty files Fixed import settings when the database contained null filters

A new build of GFI EventsManager 8 ReportPack (build 20080408) has been uploaded. Changes in this build include: Added support for events 536,537 for logon failure reports (and Vista equivalents). Event 536 Logon Failure : Netlogon component is not active Event 537 Logon Failure : other reasons.

Added NEW reports for "User Activity" monitoring "Failed logon count on each computer" "Top 10 accounts which failed to logon"

Ported and integrated the following reports required for compliancy analysis including PCI 10.2.1 All individual access to cardholder data - when data is stored in files 10.2.2 All actions taken by any individual with root or administrative privileges 10.2.3 Access to all audi

A new service release of GFI EventsManager 8 (build 20080318) has been uploaded. Changes in this service release include: NEW: Data can now be backed up from the backup database FIXED: SNMP and Syslog servers options do not apply properly FIXED: Rules settings are not imported after upgrading from GFI EventsManager version 7.1 FIXED: Command line tool "Exportdata.exe" does not export "Other events" to file FIXED: Priority of rules may be lost after importing settings from an older version FIXED:SNMP and Syslog servers may not start automatically after system reboot FIXED: Command line tool: importdata.exe does not import data to another database on another server when using /dbname /dbserver parameters FIXED:

A new build of GFI EventsManager (build 20080218) has been uploaded. Changes in this build include: NEW: Extended support for various devices by adding SYSLOG rules for Juniper Networks devices NEW: Select all SQL servers option from the Add SQL servers dialog NEW: Export query results directly to CSV from event browsers NEW: Possibility to filter on Rule Name in reports from Report Pack NEW: Comprehensive sets of on SNMP traps and SQL Server Audit filters NEW: All the data from SQL server audit columns appear in description panel FIXED: Server name does not appear in Database Server Groups after restarting the application (Windows Vista) FIXED: SQL Server Audit Browser -> Find Events ->

GFI EventsManager 8 supports 4 types of logs, which are Windows event logs, W3C format logs and Syslog messages and SNMP. GFI EventsManager also supports SQL Server auditing. The following are some of the applications and devices from which GFI EventsManager can collect logs: Windows events Windows events

The operational functionality of GFI EventsManager is divided into 2 stages: Stage 1: Log Collection Stage 2: Log Processing The rest of this article provides a description of the different stages. Stage 1: Log Collection During the Log Collection stage, GFI EventsManager collects logs from specific event sources. This is achieved through the use of 2 log collection engines: The Event Retrieval Engine The Event Receiving Engine The Event Retrieval Engine The Event Retrieval Engine is used to collect Windows event logs and W3C logs from networked event sources. During the Event Collection process this engine will: Log-on to the event source(s) Collect events fr