The optional Windows agent combines convenience with functionality and flexibility to further enhance log management and collection capabilities across the entire EventTracker suite of products. Through a centralized configuration and deployment console, Windows agents can be installed across hundreds of servers or desktops in minutes. The agent overhead is minimal requiring on average less than .5% of CPU on a 24 hour basis. Users will be unaware of its existence, and system performance will not be negatively affected.
The EventTracker Windows agent forwards copies of EVT/EVTX log files from servers and desktops to EventTracker management consoles. The logs may be forwarded in real-time or scheduled based on criticality and network considerations. Copies of logs are cached and secured on the originating system as they are written which prohibits tampering with evidence of unauthorized behavior. The agent will also automatically manage local log back-ups and retention policies.
EventTracker Windows agents are installed and proven on nearly one million end-points worldwide including the United States Department of Defense and federal civilian agencies, local governments, national and international banks, educational organizations and health services providers.