Prism Microsystems EventTracker 6.3

EventTracker delivers essential log management and analysis but does combining it with systems monitoring, change management and USB access controls complicate things?

Price
£3,115

Businesses that don't comply with data protection regulations may find themselves in deep water if they can't prove to auditors that they have the appropriate measures in place - and if they do suffer a security breach they could find themselves in court.

Log data management and analysis are key components of these processes but smaller businesses may find many of the appliance based products are beyond their budgets. EventTracker from Prism Microsystems aims to offer solace as this software solution provides extensive log and event analysis features but at a more affordable price.

EventTracker collects Windows event logs, syslog and syslog-ng sources, web sites logs via HTTP and HTTPS and SNMP v1/v2 data. It also provides a range of features not found in standard log management products such as system monitoring plus it can alert administrators to unauthorized system changes. The perennial problem of USB devices also comes under its remit as it keeps track of usage, reports on user activities and can block access.

For Windows systems, EventTracker provides agent-less and agent-based monitoring, with the latter offering a far greater range of options. You have performance, application and service monitoring, real time event notification, event log backup, remedial actions, software installation and removal monitoring and USB device monitoring.

Advertisement
Advertisement - Article continues below

Installation is simple enough and EventTracker offers a central console providing easy access to each function. For Windows systems it uses an auto-discovery tool that sweeps the network and reports on the systems it finds. You then have the option of choosing agent-less monitoring or deploying the agent to them.

Agents are configured from the System Manager console where you apply filters to fine tune the event data being sent in. Percentage thresholds for CPU, memory and disk utilisation determine when event notifications are sent and in the same window you decide how to deal with USB devices. The agent reports back when it spots devices being inserted and removed, logs user activity and can disable all ports if required. For the latter you can also add an exception list containing the serial numbers of permitted storage devices.

We successfully tested the USB function as on inserting a memory stick in one of our agent monitored systems we saw the configured alerts swing into action. The event log was also updated with details of the device, the drive letter assigned and its serial number.

EventTracker is smart enough to differentiate between USB HID and storage devices so if you disable USB access the agent will only block the latter and will continue to allow the mouse and keyboard to function. We tested this on one system and found that whenever a USB stick was inserted it would appear briefly in Explorer and then disappear as it was disabled by the agent.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Most Popular

Visit/business-strategy/digital-transformation/354201/boston-dynamics-dog-like-robots-sniff-out-bombs-for
digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019
Visit/business-strategy/mergers-and-acquisitions/354191/xerox-threatens-hostile-takeover-after-hp-rebuffs
mergers and acquisitions

Xerox threatens hostile takeover after HP rebuffs $30bn takeover

22 Nov 2019
Visit/security/data-breaches/354192/t-mobile-data-breach-affects-more-than-a-million-users
data breaches

T-Mobile data breach affects more than a million users

25 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019