GFI EventsManager

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Remote Management Console for Eventsmanager

    A remote console to connect from a workstation to the Eventsmanager Management Server. At the moment you need to connect via RDP.

    7 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add export report to Excel (xls) feature back into EventsManager

    Before version 2012, you could export reports in Excel format. This was great because we had the reports go to a folder on the network and once a day, we would go to the folder and review the events and comment on why the event was in the log. With the new reporting, you can only export to pdf and html which it is not possible to easily comment on events.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. EventsManager Web Interface

    There should be a Web interface to EventsManager for browsing events and viewing reports.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Disable logon attempts from the account service is running as

    We are using Eventsmanager to collect event logs etc from a server located in a DMZ, which is out of reach from domain controllers. This prevents the account under which GFI Eventsmanager service is running to log on to this server. We have specified another set of credentials in the Event Source properties.

    However, the service still tries to log on to this server as the domain account that the EM service is running under in addition to the credentials supplied in said properties. This generates 36 failed logon attempts per hour on a production server, which triggers some other…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. GFI EventManager Performance

    Currently GFI eventmanager is a 32 bit application. It is a little bit slow when it has to process large quantity of logs (This has been experienced in out operation). Let make this application a 64 bit cause there are powerful servers in the market which can support heavy load.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Rollbased deployment for Eventsmanager (like Mailarchiver)

    This would be a great Feature. Because you can install the EventsManager Data Collection Role on the Remote Server you would monitor, and if an event would be generated, it will be send to the Eventsmanager Management Role. The advantage is, that the network traffic would be quite lower than in the actual version.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. GFI EventsManager - feature request

    Pls. add feature that allow administrators to have their own custom dashboard and report profile. Web based interface is preferred.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Real-Time Status display

    I am a long-time user of ServerMonitor. I am now being forced to convert to EventsManager with Active Monitoring only licenses. I would like to have a display of the current status of my servers. Currently, if I look at "Monitoring Statistice", if have a single failed check followed by successful checks, the row is still red. Also, I cannot remove the unused sections that don't apply to Active Monitoring, wasting a LOT of real estate on the screen!

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. More Active Directory Sync options

    In active directory we have a separate Organizational Unit for our Servers and client machines. An option I would like to have an option to have events manager automatically update it's collection sources based on these OU's.

    For example:
    I have a WebServers OU under a main OU called Servers under the default domain. All of our web servers are naturally under this OU and are all configured the same.

    In EventsManager I would like to have an event source that can be named something like WebServers and this group is configured to sync from Active Directory from the WebServers…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support VMware SNMP and Syslog out of the box

    Since VMware is present in many environments now, it would be useful if GFI EventsManager automatically recognized and had canned Event Processing and Views for VMware ESXi and vCenter.

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Customize PDF report filename

    ReportPack now creates pdf reports as system filename totally incongruent with the filter action, sense, and selections defined in custom-job.
    We need to customize the filename of the pdf reportfile as, for example, with the same name of the custom-job that generated that report.
    Thanks

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support regular expressions in rules and views for text logs

    Please include support for regular expressions to be used in text log rules and views. There are ways to identify threats to web applications but most require use of regular expressions. The following source defines RE's for the top 10 threats:
    http://www.sans.org/reading-room/whitepapers/logging/detecting-attacks-web-applications-log-files-2074

    3 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Reading Events Archived by Windows

    Being able to access event log archives that may have been created prior to EventsManager and pull these events into the system would be fantastic. Would help get everything under one roof in a way.

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow non-administrators to run EventsManager

    Currently EventsManager requires all users (even read-only) to be a local administrator just to run the program.

    What's the point of having a local user database within the program if only local administrators can launch it? Seems odd to have read-only users still be god of the entire system doesn't it?

    I want to be able to have some "users" of EventsManager that are not a local administrator.

    Older versions of the program didn't have this "feature" and shouldn't be too difficult of an adjustment to make.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. notify if no events being collected

    We don't look at system every day because we don't have a policy (or staff) yet that requires auditing daily. So we usually only look at it when there is a problem or something needs researched.

    In the old version we had this happen a couple times and already had it happen once in 2012 version, where events would just stop being collected and we wouldn't know about it until we needed something and it wasn't there. This is a big problem for devices that don't have local storage for syslogging and only send to GFI. It is also a…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Null scheduled reports

    The schedule reports that inlude no data (No events were found matching the filtering criteria.) should not be emailed. The user should receive report only in case there are data to view

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Ability to Alert via Email when GFI Services/processes fail

    We utilize GFI EventsManager 2012 to collect logging data for compliance and for that reason it must run nearly 24/7. In the past couple of months I have had issues where occasionally various aspects of SNMP or SYSLOG stop. Sadly no alert is raised unless I am in the GUI everyda, which I am not nor do I guess are other overburdened IT professionals.

    What would be great is if their was an option that I could enable to have GFI EventsManager email me when any of its processes failed(I understand not being able to email if esmproc.exe stopped) such…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Customize names for EventsManager Scheduled Report attachments

    I would like to control the naming of the pdf attachments of Events Manager scheduled reports. Previous versions of Events Manager and SELM were consistent with their attachment names (i.e. always named sched0_xxxxx.pdf, sched1_xxxxxx.pdf, etc.). This allowed us to run a script to rename them to something descriptive i.e. AAA - Account Lockout Report.pdf. We have several customers who we perform network monitoring for and the automated renaming script, although not ideal, was efficient.

    With Events Manager 2012 there is no consistency in the names of the report attachments. Since they are completely random we are unable to know which…

    2 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. EventsManager sees consistency/correlations

    From a large account we've had the question if it was possible to let GFI ESM see correlation between events. For example (and many examples could be given for this account) they have a key less entry system that has multiple touch points. Whenever someone opens a door, takes the elevator and enters a server room, with 'some' additional intelligence, this chain of events could be reported as a security breech.
    Why should this be added, is because this way the reporting of special events that are not normal, can be flagged as a breech of security and when there…

    0 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Change license model to open new opportunities

    I talked with some customers/resellers, which didn't buy EventsManager, because the license model is not the best. I've collected some ideas from them:

    License Model 1:

    - License per format and node (e.g. 3x snmp enabled router = 3x EventsManager SNMP Licenses)
    - difference in Windows Eventlog for Workstation and Server (already available, so no change needed)
    - difference in Syslog for Workstation and Server (e.g. 3x Ubuntu Deskop = 3x EventsManager Syslog for Workstation)

    They tell me the reason: The customer don't understand to buy a very expensive server license for a router or switch (e.g. per Node =…

    0 votes
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

GFI EventsManager

Feedback and Knowledge Base