GFI EventsManager

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Hierarchical Event Source Groups

    In our environment, it would be very beneficial to create "Event Sources Groups" inside other "Event Sources Groups" all while keeping "Inherit from Parent" as an available option across ALL configuration items in that sub-group.

    This is the reason behind this request. I manage multiple domains. The default groups you have in place are nice, but I end up tweaking credentials for servers in our different domains to use the correct login information.

    What I wanted to do was something like:

    domain1 - Set the default properties for the group here, i.e. Login Information, Active Monitoring Alerts, etc.
    - domain1\Domain…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. I would like to request export to excel or csv file option from the Reporting menu instead of pdf only

    I would like to request export to excel or csv file option from the Reporting menu instead of pdf only

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Reporting: Columns in Layout tab based on event ID in General tab

    When preparing custom reports or adjusting the available ones, GFI EM2k13 should have the ability for users to have it much easier to prepare effective custom reports much quicker.

    As described here http://manuals.gfi.com/en/esm2013administrator/content/ACM/Topics/Reporting/Creating_custom_reports.htm if one criteria in General tab is e.g. Event ID = 4624, then when we want to check for IP (or other columns), under the Layout tab the selection criteria should be narrowed down only to columns which event ID 4624 provides.
    https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4624#examples

    Right now, selecting from existing columns is an ugly mess because event IDs have various names for same columns.
    E.g. EID 4624 has: source…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. 1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Command

    A more robust command-line tool.

    We have been using EventsManager for several years and the management console is very slow to load, change tabs and limited in what you are allowed to see and manipulate.

    This is a problem in itself, but my suggestion is to offer sys admins a more robust alternative to the GUI interface. I recognize GFI does offer some command-line tools (such as ESMCmdConfig.exe, EsmDlibM.exe, etc.), but these only allow control of general management settings and are mostly used to manipulate the event database.

    Specifically, it would be helpful to have the following cmd-line features (in…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. EventsManager - Alert Threshold Settings Should Limit Number of Notifications Sent

    EventsManager - Alert Threshold Settings currently do not allow the end user to specify the number of notifications sent once an alert is triggered. By default, EventsManager will send one notification for each event processed and accounted for as part of the threshold. This can pose issues with E-mail or SMS congestion if a critical process or event occurs.

    Example A) EventsManager is configured to sent E-mail alerts on a failed system sign-on event - If 10 or more of these events are logged within 60 seconds, send a Notification. Currently, if a process running constantly experiences a password reset…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Database Rotation Notification

    Create a notification (email alert) on when a successful database rotation occurs

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Multiple Email Servers

    I would like the option to add an external mail server in addition to the internal mail server, G-Mail or otherwise. It's a little hard to get an alert about your mail server when it's sent from the mail server that is having an issue.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Smarter Monitoring Checks

    I only use Monitoring Checks (ICMP ping and Disk space). ICMP ping isn't smart enough to alert when a node comes back on line. Disk space generates unnecessary 'RPC server is unavailable' alerts because it doesn't know that a node went down. The older GFI NSM 7.0 sends alerts after a node comes back on line. It also knows not to process additional checks until that node is back on line. Please reinstate those functionalities in EventsManager!

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Reportd in PDF or XLS

    I would like to generate reports directly in PDF or XLS format

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. I would like to see a report status, which lists/identifies reports that are currently scheduled (active)

    I would like to see a report status, which lists/identifies reports that are currently scheduled (active)

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. When using alternate credentials, disable use of GFI credentials

    When trying to connect to servers outside of the domain, GFI credentials are used to log in even when alternate credentials are provided. This creates a lot of failed log in noise which must in turn be filtered out, requiring more processing.

    5 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Can we have threat correlation analytics soon?

    Can we have threat correlation analytics soon? Would be good to have graphical for a better show and tell. ie) device name, IP address and reason for this alerts

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. date range on auto genterated reports

    Events Manager - Auto Generated Reports. Currently, Auto generated reports are not displaying the date range. The date range shows N/A. It would be nice is the date range printed on the report. For example, if a report is run for the previous month the date range would show March 1st 12:01 AM to March 31st 11:59 PM (or date and time that the report is scheduled to be run through).

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Organize the database rotation at folder level

    When database rotation is enabled, ESM creates the new databases with a multitude of files in the same folder, creating a chaos at folder level.

    I would like to suggest that ESM creates a new folder when the db gets rotated, so it would be less of an administrative task when it comes to move specific database, or manually delete entire database.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Real-Time Status display

    I am a long-time user of ServerMonitor. I am now being forced to convert to EventsManager with Active Monitoring only licenses. I would like to have a display of the current status of my servers. Currently, if I look at "Monitoring Statistice", if have a single failed check followed by successful checks, the row is still red. Also, I cannot remove the unused sections that don't apply to Active Monitoring, wasting a LOT of real estate on the screen!

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Network messages alerts with Windows Server 2008 and Windows 7

    Makes the fonctionnality Network messages alert (which inform recipients that a particular event has occurred for) compatible with Windows Server 2008 and Windows Seven.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support regular expressions in rules and views for text logs

    Please include support for regular expressions to be used in text log rules and views. There are ways to identify threats to web applications but most require use of regular expressions. The following source defines RE's for the top 10 threats:
    http://www.sans.org/reading-room/whitepapers/logging/detecting-attacks-web-applications-log-files-2074

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Remote Management Console for Eventsmanager

    A remote console to connect from a workstation to the Eventsmanager Management Server. At the moment you need to connect via RDP.

    6 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enable Multiple User Access Login

    Under GFI EM you can't login with Admin privilege and view-only and at a the same time, infact you have to close the console before logging in with another account with lower privileges. I'd like to have this feature inorder to enable more people to view the product at same time.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

GFI EventsManager

Feedback and Knowledge Base