I would like to generate reports directly in PDF or XLS format

II would like the ability to perform a silent installation to be re-instated in EventsManager 2012, ideally just like it used to be with previous versions, i.e.:
EventsManagern /s /f1C:path.iss

As servers move towards being headless - having a GUI will merely be an option in Windows Server 8 - it seems a backwards step to disallow silent installation.

I would like the option to add an external mail server in addition to the internal mail server, G-Mail or otherwise. It's a little hard to get an alert about your mail server when it's sent from the mail server that is having an issue.

When event trigger ESM classified to critical or high event class, there is a "Run file" feature.
According GFI support said (GFI-170602-489017), this feature can not transfer event info to the execute file or batch file.

I think it is good to transfer event info and then I can do something myself.

I would like to request export to excel or csv file option from the Reporting menu instead of pdf only

Makes the fonctionnality Network messages alert (which inform recipients that a particular event has occurred for) compatible with Windows Server 2008 and Windows Seven.

We have a group of long list of users that need to be monitored login/logout.
Instead of define manually a filter by user/account in wich write a row for each user that belongs to thist group, with need a filter where define one or more groups.
GFI EvManager will ask to ActiveDir in order to get the users that belong to that specific group and will produce a report sorted by user.

EventsManager should have an offline mode, so that consultants could import saved logs and analyze them just as if they were collected online.

I would like to use the rule description in my alerting options, but it's not available. Although there is %rule name%, %check name% and %check description% it's not possible to get the information of the rule description. Please add this to the fields of an event.

I suggest you...provide a detailed upgrade installation document which includes screen shots of the installation wizard so we know what to expect and can gather the necessary information to answer the prompts.

Will we lose our existing db? Do we need to create a new db?
will our config settings be retained, or if not can we import a backup copy from the previous version?
Will all our custom rules be retained?

Those of us who have gone through past upgrades and lost data bases, and config settings now need reassurance each time.

It's only possible to format one email message under "Alerting Options". I would be nice if I could add new templates. This way the alert mails could provide more information to a special alert and could be formatted in a way that only needed information are displayed. This on template must be formatted very universally.

Since the main purpose of this tool is for reviewing logs, is there a facility to add comments to the logs (for e.g. what action we have taken for that particular event etc & then generate a report to show as evidence for log reviewing to Auditors).

At the moment of writing databases are created when needed, but it ccould have data in it with a creation date that is not logical to store next to eachother (time-wise). I like the database switch mechanism in Mailarchiver. Isn't it possible to do this also for ESM? So when I add a source, it will start taking the data from that machine and then store it in the databases related to either month, bimonthly, quarterly, half-yearly, annual.

Currently RegEx used "match" method (https://msdn.microsoft.com/en-us/library/system.text.regularexpressions.regex.match(v=vs.110).aspx), which requires the whole string to be separated from beginning to the end.

With enabling "matches" method (https://msdn.microsoft.com/en-us/library/system.text.regularexpressions.regex.matches(v=vs.110).aspx) more powerful RegEx patterns can be built to support variable syslog messages.

Examples can be provided.

At present EventsManager only allows you to use one schema per server for collection and processing of text logs. If you have more than one text log type on a single server that requires different schemas for processing them, you cannot specify a second schema to process the different text log types.

I just got finished with a chat session with support. I was amazed to learn that events manager does not support ssl email. Most all businesses that I know have already switched to this or working on it. I feel like this should be a top priority to be able to fully utilize this product.

I suggest you to allow defining more than one SID on a Oracle events source. At the moment we can define only one SID on a host, and we can't add the same host specifying another SID, because the host is already defined. We can partially bypass the problem inserting two entries for the same host, one with the host name and the other one with the ip address, anyway using this solution there is no way to collect events for more then two SID's on the same host.

I have a client that uses EventManager to audit administrative file access from users w/ admin rights. They would like a way to be notified if GFI services are stopped, or even trap such an occurrence, to ensure that those people with adminstrative rights aren't circumnavigating GFI's file access logging.

For every server, be able to add comments not necessarily connect to an event (like Microsoft dynamics CRM).

Currently we can add comments according to events but not directly in the Comment field.

Currently EventsManager requires all users (even read-only) to be a local administrator just to run the program.

What's the point of having a local user database within the program if only local administrators can launch it? Seems odd to have read-only users still be god of the entire system doesn't it?

I want to be able to have some "users" of EventsManager that are not a local administrator.

Older versions of the program didn't have this "feature" and shouldn't be too difficult of an adjustment to make.