Logentries Releases Real-time Monitoring and Alerting for Windows Security Events
IT Operations teams save time searching for important security events with automated monitoring, notification, and analysis
July 24, 2014
Boston, Massachusetts (July 24, 2014) – Logentries, the most connected log management and analytics service, today announced Windows Security Event Integration for monitoring and alerting on important system events or suspicious activity. Logentries has identified some of the most common Windows Security events and behavior, such as when audit logs are cleared, failed user log-ins occur, and changes are made to audit policies, and has made them available out-of-the-box for easy set-up and usage. Additionally, Logentries is including its AWS CloudTrail integration with an automated alerting system for Windows security activity, specifically for AWS Windows users.
“Logentries enables our Operations team to know immediately when there are security events or potential issues,” said Kirill Bensonoff, ComputerSupport.com. “In addition to real-time alerting, we can also automatically correlate our Windows event notification with our AWS CloudTrail Log data to get a complete understanding of what is happening across our systems and users.”
Amidst today’s cloud-based infrastructures and distributed environments, tracking and analyzing user activity and security events is harder than ever before. IT Operations teams need easy, direct access to their data, and the ability to drill down into exactly what is occurring, where, and which users are involved.
“Recent security breaches and subsequent investigations highlight the absolute need for effective proactive log monitoring to detect, respond and prevent major security incidents,” said Brian Honan, author and industry expert on Information Security. “In particular with businesses moving to the cloud and relying more on third party vendors to support their systems, having the ability to monitor logs in those systems is essential.”
Logentries’ Windows Security Event Integration automatically notifies users in real-time when important events occur such as:
- A new security group has been created
- Servers are opened to be accessible from any IP
- A new user is created with admin privileges
- Audit logs are cleared
- User log-ins fail
- Changes are made to audit policies
“With so many of our users on the AWS platform, Logentries wants to assure that we proactively support their specific security concerns and most common security incidents,” said Trevor Parsons, Co-founder and Chief Scientist, Logentries. “With automated notification, users know immediately when a security event has occurred and can easily dig into the log events to quickly understand what their users have been doing.”
Logentries’ new Windows Security Event Integration provides support for all versions of Windows Event Logs. The cloud-based Logentries service collects logs in any format and pre-processes them upon ingestion for real-time analysis, alerting and visualization. With custom tagging and filtering, users can correlate security and performance issues with broader infrastructure activity including application usage, server metrics, and user behavior.
To get started today, visit logentries.com for a free 30-day trial of the Logentries service and Windows Security Event Integration.
Logentries is the world’s most connected log management and analytics service, making business insights from machine-generated log data easily accessible to development, IT and business operations teams of all sizes. With the broadest platform support and an open API, Logentries brings the value of log-level data to any system, to any team member, and to a community of more than 35,000 worldwide users. While traditional log management and analytics solutions require advanced technical skills to use and are costly to set up, Logentries provides an alternative designed for managing huge amounts of data, visualizing insights that matter, and sharing that information across its global user community. To sign up for the free Logentries service, visit logentries.com.