I only use Monitoring Checks (ICMP ping and Disk space). ICMP ping isn't smart enough to alert when a node comes back on line. Disk space generates unnecessary 'RPC server is unavailable' alerts because it doesn't know that a node went down. The older GFI NSM 7.0 sends alerts after a node comes back on line. It also knows not to process additional checks until that node is back on line. Please reinstate those functionalities in EventsManager!

Events Manager - Auto Generated Reports. Currently, Auto generated reports are not displaying the date range. The date range shows N/A. It would be nice is the date range printed on the report. For example, if a report is run for the previous month the date range would show March 1st 12:01 AM to March 31st 11:59 PM (or date and time that the report is scheduled to be run through).

We run SBS 2008 (and previously 2003). It'd be really nice if there was a default Event Source group with pre-defined filtering rules for SBS servers. Trying to decide if SBS is an infrastructure server, database server, print server, wweb server, or file server is always a tough call, since it's really all of the above, and trying to copy the default settings from each of these groups to make one for SBS is a pain. I left a bit too much enabled the last time I reinstalled and crippled our network because EM was collecting so much data.

We want to generate a report that shows the number of log in failures next to a person's username. To minimize the size of the list and help sort the problem area.

In GFI EventsManager, users can check a box to remember their password upon future launches of the Management Console. However, checking this box enables the credentials to be saved system-wide, meaning if another user logged on, they would be presented with the saved credentials as well.

I propose making the "Remember my Password" check box setting no system-wide, but stored in each user's application settings directory.

Currently in GFI EventsManager, all passwords created by Users are allowed, including those that are a single character.

I propose optionally enforcing password complexity rules like those used by most other applications that require a login.

Rule Folders in Evetns Manager should have configurable priorities rather than rely on Increaase/decrease priority. A configured priorty for rule folders combined with rule priority within the rule foders would enabel admin to know for sure the order of rule processing, e.g. folder 1 priorty 4 whould run before folder 3 prioryt 1. Right now it relies on the folder sorting which is not precise, just click the various options for this window and the folders jump around.

This is what the competitors does (for example Arcsight, EMC...). I know that this is very complex but it would be a nice Feature and selling point. An expample: You log in via VPN (Syslog/SNMP), connect via RDP (Windows event) and send an email message (W3C).

If this is possible you can better track user activities and do a better forensic analysis.

This would be a great Feature. Because you can install the EventsManager Data Collection Role on the Remote Server you would monitor, and if an event would be generated, it will be send to the Eventsmanager Management Role. The advantage is, that the network traffic would be quite lower than in the actual version.

Pls. add J-SOX report templates in GFI EventsManager as requested by many customers.

Provide a function for a user to select a monitored windows log and to "save" in EVT format, but have GFI do an event collect just before the log is saved/cleared. Our admins need to save EVT in binary format. This causes a concern about event collection timing and the possibility of missing uncollected events if the log is manually cleared.

Provide a dialog box to allow the user to specify which database to import events into. This would allow a user to import and review old data in a way that ensures the data set does not get mixed with live data.

provide the ability to apply custom "actions profile" actions to mulitple rules instead of having to change one rule at a time.

Currently we cant know which alert send and when/who it sends from GUI. Please add it.

Database operation schedule now can configure only one schedule. Why not each operation job has its own schedule?
If it is not possible, please consider to provide command line tool and we can use Windows schedule to run it!

Add the ability to export or import a single Event Processing rule or Event Processing Rule folder. This would allow customers to share custom rules with each other such as on the support forum, or allow GFI support to provide rules for special situations.