EventTracker Benefits

Richard Teegarden
Network Manager at an energy/utilities company with 51-200 employees
It's come in tremendously handy. We've had small incidents crop up that we've been able to isolate immediately or dig further into because of this. Without that "full-glass" look at everything we've got going on in our environment at a particular time, we would be chasing our tail a little bit: "What's happening here? Do I need to go look here? Do I need to go look there?" The ability to pull those logs in from not only all of our desktops, all of our servers, all of our appliances, but from anything else that could be logging an event, has been tremendous for us. It has limited the time that I've had to spend combing through any device and syslogs. For example, firewalls: I'd be looking through events to try to find out if anything looks abnormal. EventTracker not only does centralized tracking, but it does a fair amount of behavioral analysis as well. It tells us: "Hey, here are events we haven't seen before." It even calls to my attention processes that are new, including unsigned processes that we need to be aware of in our environment. We also utilize their Snort plugin on the front-end. It indicates traffic that's coming in that we might want to be aware of. We tend to start blacklisting and block-listing a tremendous amount of external IPs based upon things that the solution sees on the outside. Those could just be events hitting our firewall, but unless I'm sitting there watching my firewall on a continuous basis, I'm probably going to miss a lot of them. EventTracker is collecting that and pulling it all into a quick and easy notification. On a daily basis, I get that report to rehash: "Did you see these things? Are these acceptable? Here's behavior that we haven't seen before from this particular user." It makes me aware of things so that I can validate. It gives me a good check and balance on what we have going on in the environment and what they're seeing through a collection of event logs. 
Because we've been using it for so long in our environment, I've pushed my daily duties onto other things. I've moved into other areas since I don't have to constantly monitor this equipment or the logs or check back on things. It's probably cut down 50 percent of my workload, in terms of tracking and watching and trying to play a little bit of triage after the fact. It's giving me heads-up notifications immediately. Then, as we hash back through things, either on a daily or monthly basis, we're looking at what it's finding and what we are missing. Are there things that are still cropping up that haven't been taken care of that maybe slipped through the cracks? It's not only cut down a ton of my time but even our staff time which used to be spent watching and maintaining logs on various products.
Geremy Farmer
Information Technology Coordinator at Magnolia Bank, Incorporated
It gives us a real idea of our network environment, VPN access, alerts and more. We are able to identify where we're getting scanned externally from potentially malicious IP addresses. We can react to those a lot quicker than we could previously. EventTracker has increased productivity and saved us time, absolutely. We would have to hire a full-time person to review logs if we didn't have EventTracker. I get daily and weekly reports that I review within an hour or two, each day, versus having to go look at logs on each machine. It would take me three or four times as long to review all those logs if they weren't all in the same dashboard report or alert.
Bryan Caporlette
Chief Technology Officer at G&G Outfitters Inc
It is protecting us from cyber threats. We get a lot of information security audits from our larger clients. I wanted to be able to have intrusion detection and prevention, vulnerability scanning, and SIEM because those are always the questions, "Do you maintain your logs? Do you look at them? How do you take proactive action?" EventTracker managed service gives me the right answers for all those questions and has saved me time when answering these questions.
Find out what your peers are saying about Netsurion, Splunk, AT&T and others in Security Information and Event Management (SIEM). Updated: October 2019.
373,262 professionals have used our research since 2012.
Sean Sheil
Information Technology - Business Process Analyst at a financial services firm with 51-200 employees
We use those standard reports every day and monitor them. It does save us some time from having to go out manually and pull that information together. With the daily reports that we get, we can easily scan through them and find any anomalies that are occurring. If a system suddenly starts getting thousands more errors than it did previously, we know we need to look at something on that system. The solution has also saved us time due to the fact that it's doing the consolidation of the log files for us. It probably saves us three hours a day.
Consultib253
Consulting Engineer at a tech vendor with 10,001+ employees
It was purchased so we would be in compliance. That is our main reason, and it works very well. The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location. EventTracker provides a great place to do our searches for certain types of events. We can go there, run the search engine, and it runs extremely fast, especially compared to the version that we previously used. E.g., instead of connecting to each individual domain controller to search events, we can go to one location.
Assistan6279
Assistant LAN Administrator at a non-profit with 10,001+ employees
It gives us a heads-up about the disk space and any errors in any event logs that we have to look at. There are times where that saves us time.