Netsurion EventTracker Overview

Netsurion EventTracker is the #5 ranked solution in our list of top Security Information and Event Management (SIEM) tools. It is most often compared to Splunk.

What is Netsurion EventTracker?

EventTracker by Netsurion is a co-managed security solution that delivers actionable security intelligence that empowers organizations of any size to effectively detect and respond to insider threats as well as advanced cyber criminals.

Netsurion EventTracker defends your organization against advanced threats and streamlines IT compliance management by converging multiple layers of security technology such as SIEM, EDR, UEBA, IDS, and more. Most importantly, we augment the technology with our 24/7 SOC for continual monitoring, threat remediation, and system tuning. With EventTracker, you can orchestrate all the critical capabilities needed to predict, prevent, detect, and respond to cybersecurity incidents. We monitor for anomalies and suspicious network activities and respond with built-in response rules to block or terminate harmful activities. 

Netsurion strengthens your security defenses, controls costs, and optimizes your team’s capabilities to respond quickly with a single end-to-end solution. We increase your efficiency and effectiveness by reducing false positives and enabling audit-ready compliance reports. Netsurion provides a comprehensive, scalable platform for security monitoring, threat detection and response, and compliance – as a software solution, in the cloud and on-premises, or as a co-managed solution that augments your IT team.

Netsurion EventTracker is also known as EventTracker SIEMphonic, EventTracker Essentials, EventTracker Log Management, and EventTracker Security Center.

Netsurion EventTracker Buyer's Guide

Download the Netsurion EventTracker Buyer's Guide including reviews and more. Updated: June 2021

Netsurion EventTracker Customers

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

AW
Consulting Engineer at a tech vendor with 10,001+ employees
Real User
We can search all event logs and domain controller security events

What is our primary use case?

We are using it for audit compliance, because when we have audits, we are required to have a central event log storage location. If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically.

Pros and Cons

  • "The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location."
  • "If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."
  • "The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."

What other advice do I have?

Get the preferred support. This is for the guy who uses and maintains the back-end of the system. Because if you don't have your firewall configurations configured correctly, you will need to have that support. All of our domain controller event logs are consolidated and stored on the server. Right now, we are sitting at 101 domain controllers, which is way too many. However, this was one of the main reasons why we purchased it, and it is performing well. The product version that we are on right now is much faster than the version that we were previously on.
Geremy Farmer
Information Technology Coordinator at Magnolia Bank, Incorporated
Real User
Top 20
Gives us a picture of our network environment, including VPN access and real-time alerts

What is our primary use case?

We use it to monitor our firewall logs for all of our locations, all of our network logs, and alerts. We also monitor any new users added to the network or who are locked out, any new installs or uninstalls of applications on servers. And we have reports generated for any types of processes or hashes that have been run on computers or servers.

Pros and Cons

  • "The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."
  • "There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."

What other advice do I have?

If it's your first SIEM event-correlation system, be prepared for a long process. That's not just because it's EventTracker. That seems like that's what that process takes. Again, it really depends on what data you want to capture and how much data you want to capture and how you want to review that data. That configuration process can be very time-consuming. We're on EventTracker 8, but we're getting ready to upgrade to the most recent version of nine, but we have not upgraded yet. I don't typically use the dashboard widgets. I have everything configured in daily, weekly, and monthly reports…
Sean Sheil
Information Technology - Business Process Analyst at a financial services firm with 51-200 employees
Real User
Top 20
Enables us to track account creation and deletion and the number of errors in a given system

What is our primary use case?

We're getting some daily reports out of it for different systems regarding passwords expiring, accounts locked out, and a number of events in different categories. We're probably not using it to its fullest potential. We import log data into the solution from Windows Servers and switch-logs from the Cisco switches. Those are the main things that we feed into the system. We don't have any Linux or any other external systems that we feed into it.

Pros and Cons

  • "The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."
  • "I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."

What other advice do I have?

Go through some training to know the ins and outs of the application. It has changed quite a bit in the seven years I've worked with it, and it would be a good idea to do some more training to learn all the new features and to make sure you can utilize all the capabilities. The UI is okay. As I said, we're probably underutilizing the product compared to what we should be using it for. We don't view the information from it on screens. We more go off of the reports that we get daily out of the system. In our company there are only three people using the system. We're all IT managers. We're only…
Bryan Caporlette
Chief Technology Officer at G&G Outfitters Inc
Real User
Top 20
Identifies potential threats and the remediation that I should take to be able to quell those threats

What is our primary use case?

The primary use case is SIEM vulnerability and IDS.

Pros and Cons

  • "The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."
  • "The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them."

What other advice do I have?

The solution has been everything that I've asked for from a service standpoint, software standpoint, and support. I have no complaints. My advice would be to engage them to do the installation. The managed service is great value which saves you a full-time employee on your staff by being able to outsource it to EventTracker to review all the logs and cull through the data to make recommendations and identify threats, then how to remediate them. They provide it to you in your weekly or daily report, depending on how frequently you want to have them do it, which is based on your compliance. If…