EventSentry

First days of you I felt a little lost, then I use the help center and the videos that the company has and start working with it perfectly. They have an AWESOME customer care. They will reply your questions at their forum real quick.

EventSentry is used here to collate event logs, spot errors and trends in our network and security issues that need to be re-mediated. we've found it to be very useful in root cause analysis and troubleshooting network issues. the support staff are amazing and cannot be recommended enough!

The company our IT department is working for, is a small to mid size company (~550 users).
Our team consists of two system engineers, which makes it challenging to always keep track of changes and events on our Windows servers.

We invested some time in searching for a suitable SIEM product for Microsoft Windows eventlog consolidation and event notification.
After we found other solutions to be either overkill/pushy or overpriced, we decided to evaluate EventSentry.

The installation was straight forward and intuitive.
It came with several pre-configured Windows event log packages to filter out unrelevant event log noise and to give you a quick clue about how the system works:

Define...
..which event log / source to monitor
..the IDs you are interested in
..actions to take if the event occurs

Besides this important process of constantly monitoring the Windows event logs of all our Windows servers we soon found out that theres more for us:
- Monitor changes to important system files and directories
- Monitor MS Active Directory
- Monitor software installation and changes
- Consolidate custom log files like for Microsoft Exchange
- and so much more

To be honest, it took some time and testing until we had EventSentry configured to track all the relevant edges of our infrastructure.
But during that time it was always a pleasure to work with the not-buggy and intuitive GUI.

Also, we learned to love the Webinterface (WebReports) which displays all kind of status information and lets us search and filter through all the event logs and software products we use.

After 2-3 months EventSentry totally became a part of our daily work life, running stable and reliable.
This product is a valuable addition for our security roadmap, as it gives us the possibility to verify its effectiveness and automate counter measures.

And theres still a lot to discover and utilize (we currently only monitor Microsoft Windows systems).

Notable is also the customer support and documentation. Communication was always easy and directly.
A bug I reported was quickly fixed and even a feature request I sent in has been implemented within a very short time.

The documentation is comprehensive and useful.

Trialing the software was easy and seamlessly without notable impact on our servers, so you should defenetly give this a try!

Did a WebEx with my supervisor to demo EventSentry and show how I’m using it here in our East Coast office. Whenever my boss asked a question, I could display info and immediately provide an answer with just a few mouse clicks. Simple, fast, and on-point. He was very impressed.

Installation of upgrades has been smooth and easy. I don't worry that an upgrade will cause loss of my event log data.

Excellent documentation of EventSentry installation procedures, use of features, and troubleshooing methods.

My company is starting to purchase more licenses and expand use of EventSentry to more of our systems. It's exactly what we need for event log consolidation, auditing, and system management.