Search

EventTracker offers the most comprehensive and flexible search options in the SIEM/Log Management industry. Period! We have spent 10 years working with hundreds of security and sys admin users to address numerous log search scenarios and use cases. Whether you are responding in real time to a threat or system issue or looking back in time to piece together a user’s activity spanning months, EventTracker Search gets you what you need quickly in a usable format.

  • Web-based “Google-like” keyword searching when you are searching for logs recently generated by a user, a system, a specific IP address or a specific event ID. EventTracker keyword search immediately returns well-formatted columnar log data with the most recent events first. Searchers can instantly drill in or out, click-to-source through hyperlinks, refine through field-level filtering, time-slice and export results to a spreadsheet.
  • EventTracker also provides “Google-like Advanced Searching” for phrases, date/time ranges, include/exclude specific keywords, pre-defined categories, operators and wildcard characters or any combination for complex queries of gigabytes of log data.
  • EventTracker Enterprise edition also provides “Trending Today”, a dynamic search taxonomy re-generated daily on all events indexed since midnight. It shows top log sources using a directory tree interface and Cloud Tagging to help you visually spot the active systems, users and events. The same filtering, drill-down and exporting abilities for your result sets are here too.
  • “EventVault Explorer”, also available only with EventTracker Enterprise edition, takes the above and adds fuzzy, stemming and SQL searching of subsets of log data for power analysis of offline data cubes. Use popular BI, OLAP and other report writers to search, analyze and represent your target log data the way you need it. This is the ultimate in speed, flexibility and visualization when it comes to log data.