2019-02-07T12:28:00Z

What is your primary use case for Netsurion EventTracker?


How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Guest
10 Answers

Top 5 Real User

It's a system incident and event management platform. The typical use cases that go along with that are alerting and syslog aggregation.

2019-12-23T07:05:00Z
Top 10 Real User

We use it for logging all of our Active Directory activities, including authentication, alterations, and modifications to the AD controls and privileges. We use it for events coming off of both the servers and the desktops. And we also roll in the logs from our various security controls and devices, such as our antivirus tools, backup service, firewalls, the IPS, etc. Those are all rolled back into the EventTracker system. The goal is to eventually start taking advantage of the ability of EventTracker to correlate activity and alert on something that looks a bit unusual that we should then pay attention to. We get a daily report that they've built, which summarizes all of the activity across all of those areas, on a daily basis for us. The types of log data we import into it include firewalls, server event logs, user workstation event logs, all of the Active Directory activity and authentications, and all of our antivirus logs and our patching service logs. It's in the cloud. We use their console and we take advantage of their storage. We have them manage our logs and our archivals.

2019-12-23T07:05:00Z
Top 5 Real User

We use it for real-time alerts for things like domain admins being added. And we have the managed services provide weekly reports for us for VPN logins and several things like that. And of course, at any time I can do individual investigations and searches on interesting traffic that might be reported to me by EventTracker or that we find on our own.

2019-12-22T06:32:00Z
Top 10 Real User

We are using it to centralize all of our logs and have alerting on security issues. We primarily import Windows systems and Windows Server logs (2012 and 2016). We also import Cisco ASA logs, then Cisco router and switch logs. The import works well.

2019-11-28T06:07:00Z
Real User

We use it for Windows event logs, disk space, and other alerts.

2019-09-10T09:04:00Z
Real User

We were struggling at the event level, like a lot of people do, in terms of centralized event management and notifications. We just did not have a single pane of glass where we could see events, potential issues, all on a fine thread of a timeline to compare across our enterprise. We needed to know: Is there anything else going on at the same time? We use it extensively. Every product that we have on our network is tied into it. That's been huge for us. The thought process was, "If we're going to put it in place, we want every end-point out there to be cycling through logs or have syslogs pulled into EventTracker." Otherwise, it just didn't make sense. We wanted to have eyes on every device out there.

2019-09-10T09:04:00Z
Real User

We are using it for audit compliance. Because when we have audits, we are required to have a central event log storage location. If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically.

2019-04-02T07:03:00Z
Top 20 Real User

We use it to monitor our firewall logs for all of our locations, all of our network logs, and alerts. We also monitor any new users added to the network or who are locked out, any new installs or uninstalls of applications on servers. And we have reports generated for any types of processes or hashes that have been run on computers or servers.

2019-02-24T10:18:00Z
Top 20 Real User

We're getting some daily reports out of it for different systems regarding passwords expiring, accounts locked out, and a number of events in different categories. We're probably not using it to its fullest potential. We import log data into the solution from Windows Servers and switch-logs from the Cisco switches. Those are the main things that we feed into the system. We don't have any Linux or any other external systems that we feed into it.

2019-02-21T08:22:00Z
Top 20 Real User

The primary use case is SIEM vulnerability and IDS.

2019-02-07T12:28:00Z
Learn what your peers think about Netsurion EventTracker. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.