
EventTracker PULSE Features - Knowledge

EventTracker's knowledge architecture makes event logs more accessible and meaningful to the end user. One of the most challenging aspects of leveraging logs is that their structure and contents are non-standard. Finding information that indicates the overall health and status of the IT infrastructure requires detailed knowledge of the different events generated by each device and system in it. This is a tall order for busy IT personnel. For example, a Cisco device may represent an identical type of event in a completely different format than a Juniper device, and a Linux machine may have very different logs than a Windows machine, even if they are capturing the same information. EventTracker knowledge normalizes this information into easy-to-use general categories for the Pulse user.

EventTracker Pulse also provides hundreds of prebuilt category searches that allow a user to search for generic event types without needing to understand the arcane syntax of each system's log contents. For example, each system may have a unique event for a logon failure. To find all logon failures, a user would need to know the unique identifying elements of the login failure event for every system (event IDs, strings in the event body, etc.) and build a complex query to capture all the relevant records. EventTracker provides prebuilt searches in which a generic type of event such as "login failure" can be specified, and all the events that match that category are retrieved, regardless of the specific log format.

Alerts make use of these categories as well -- an alert on login failures does not need to be a complex expression that searches for different events; it can be a generic alert on the category.
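The category idea described above, sketched as an added Python example (not EventTracker's code or rule set): the rule table, category names and flattened sample records are constructed for illustration, using the standard Windows logon event IDs, OpenSSH sshd messages and Cisco IOS SEC_LOGIN messages as signatures. It also lists records that no rule matched, since a source without a rule is invisible to a category search or alert.

```python
import re

# Category knowledge: (source, native signature, generic category).
# Illustrative table built for this example, not EventTracker's rule set.
RULES = [
    ("windows", re.compile(r"\bEventID=4625\b"), "logon_failure"),
    ("windows", re.compile(r"\bEventID=4624\b"), "logon_success"),
    ("linux", re.compile(r"sshd\[\d+\]: Failed password for "), "logon_failure"),
    ("linux", re.compile(r"sshd\[\d+\]: Accepted \w+ for "), "logon_success"),
    ("cisco", re.compile(r"%SEC_LOGIN-4-LOGIN_FAILED"), "logon_failure"),
    ("cisco", re.compile(r"%SEC_LOGIN-5-LOGIN_SUCCESS"), "logon_success"),
]

# Constructed sample records: (source, raw line). Addresses are documentation ranges.
SAMPLE = [
    ("windows", "2024-05-01T10:00:01Z HOST1 Security EventID=4625 Account=alice"),
    ("linux", "May  1 10:00:03 web1 sshd[2211]: Failed password for root "
              "from 192.0.2.10 port 50522 ssh2"),
    ("cisco", "May  1 10:00:05 rtr1 %SEC_LOGIN-4-LOGIN_FAILED: Login failed "
              "[user: admin] [Source: 192.0.2.10]"),
    ("linux", "May  1 10:00:09 web1 sshd[2215]: Accepted publickey for deploy "
              "from 198.51.100.7 port 40022 ssh2"),
    ("windows", "2024-05-01T10:00:11Z HOST1 Security EventID=4624 Account=bob"),
    ("linux", "May  1 10:00:12 web1 cron[300]: (root) CMD (run-parts /etc/cron.hourly)"),
]

def categorize(source, line):
    """Map one raw record to a generic category using its source's signatures."""
    for rule_source, pattern, category in RULES:
        if rule_source == source and pattern.search(line):
            return category
    return "uncategorized"

def search(records, category):
    """Category search: every record in the category, whatever its native format."""
    return [(s, l) for s, l in records if categorize(s, l) == category]

def alert(records, category, threshold):
    """Generic alert: fires when the category count reaches the threshold."""
    return len(search(records, category)) >= threshold

def uncategorized(records):
    """Records no rule matched; review these to find gaps in category coverage."""
    return search(records, "uncategorized")

if __name__ == "__main__":
    for source, line in search(SAMPLE, "logon_failure"):
        print(f"{source:8} {line}")
    print("alert:", alert(SAMPLE, "logon_failure", threshold=3))
```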

New categories can be easily created or existing ones extended to include new devices, applications and systems.

Finally, searches that are created in the Pulse UI may be saved for future use, so that favorite, valuable searches are immediately available.

EventTracker KnowledgeBase Integration

EventTracker Pulse is integrated with the EventTracker KnowledgeBase. The EventTrackerKB is the largest single repository of event knowledge on the internet and contains detailed information on over 20,000 unique events with descriptions, recommendations and links to other relevant content. A simple click on the log in the EventTracker Pulse UI will bring up the KnowledgeBase entry.