• Features
  • USB Monitoring
  • Automatic Remediation
  • Reporting
  • Analytics
  • Alerting
  • Enterprise Activity Monitor
  • File Integrity Monitoring
  • Virtual Infrastructure Monitoring
• How It Works
• Where It Fits
• Editions

EventTracker Features - Enterprise Activity Monitor

Manually reviewing and analyzing enterprise wide event log data in order to identify patterns of suspicious behavior is a time consuming and tedious task which leaves ample room for errors and missed conditions. In order to reliably get the right information, rules have to be defined for anomalous conditions - and these are only as good as the person writing the rules/performing the review. In addition you have to know what you are looking for to write the rules.

EventTracker addresses this issue with its Enterprise Activity Monitor, a dashboard that automatically provides information about unusual behavior by:

• Continuously monitoring the event log stream
• Performing a combination of statistical and behavioral correlation
• Detecting both new activity and activities that significantly deviate from normal operations

Conditions detected include:

• Abnormally high or low admin and user activity
• Abnormally high or low system, process or IP activity
• First seen for IP addresses, admins, users, processes etc.
• Sudden changes in event volumes

The dashboard comes pre-configured but can be easily fine tuned to match the activity patterns specific to your environment.

The Enterprise Activity Dashboard

Enterprise Activity Process Analysis