Netsurion EventTracker Data Logging
Do you import log data into this solution? If yes, what data and what are your impressions of this capability?
Data is all configured to automatically go in. We deployed their agents, and those agents just send the log data directly to the SIEM. We don't manually upload anything.View full review »
The ability to import log data into the solution is very good. It consolidates that information and stores it in a compact manner. It doesn't use a huge amount of disk space to store history of the logs but still gives us the ability to pull various reports as we need them.
We import log data into the solution from Windows Servers and switch-logs from the Cisco switches. Those are the main things that we feed into the system. We don't have any Linux or any other external systems that we feed into it.View full review »
We have logs coming from our firewall configured to auto import log data, but we are not manually importing any log data.View full review »
We primarily import Windows systems and Windows Server logs (2012 and 2016). We also import Cisco ASA logs, then Cisco router and switch logs. The import works well.View full review »
Everything we have is a real-time feed. We don't have anything that is just batch and then it reads it in later. Especially on those real-time alerts that I mentioned, I know about each of those literally within minutes after it happens, because it's a real-time feed. The alert fires and sends me an email or a text, whatever I have set up.View full review »
In terms of the log data importing, our data went in very easily. That was one of the things that was appealing to us because the product set we use here for antivirus, single sign-on, the authentication services, and the patching services were all in the supported-product suite. So adding them in was just simply getting them pointed over there and getting through the change-control windows.View full review »