In addition to collecting the contents of the Windows event log, EventTracker Agents enable advanced monitoring of the following resources with all logs retained and available for after the fact analysis and reporting.
- Monitor for create/delete/change of any file, executable or dll on the file system
- Monitor for create/add/delete of any registry variable
- Scan for configuration compliance standards such as Federal Desktop Core Computing (FDCC)
USB Device Monitoring
- Track device inserts/removes
- Track files copied to the device
- Track file deletes
- Block USB devices through configurable policy
Application Monitoring
- Monitor application start/stop
- Monitor software install/uninstall
- Monitor application memory usage
- Monitor usage of critical applications (configurable include and exclude list)
- Monitor log files generated by anti-virus software, web servers, dialers, databases such as Oracle
- Supports IIS, IISW3C, IISMSID, NCSA, BIN, URLSCAN, HTTPERR, EVT, TEXT (Word or CR/LF separated), XML
- Intrusion detection: monitor incoming network connections outside the trusted configuration
- Monitor incoming network connection to a TCP and UDP port
- Monitor unproductive web surfing and network chatting
- Track and control connections are coming in to the application server
- Monitor for software/hot fix/update installed or removed on any system
- Configurable thresholding
- Monitor CPU/disk/memory usage
- Monitor runaway processes
- Monitor insert/removal of removable media such as USB drives or DVDs
- Manage services on any Windows system in your network from one location
- Create, remove, start, stop services across the network
- Send an event when any service starts or stops
- Automatically restart critical services
- Exclude selected services from this monitoring
- Monitor up/down status of hundreds of web pages
- Monitor events when websites not reachable or changed
- Monitor events when website is reachable
- Ability to schedule and email the uptime and downtime time reports
