GFI EventsManager

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Event manager service disabled trap

    I have a client that uses EventManager to audit administrative file access from users w/ admin rights. They would like a way to be notified if GFI services are stopped, or even trap such an occurrence, to ensure that those people with adminstrative rights aren't circumnavigating GFI's file access logging.

    1 vote
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  2. EventsManager sees consistency/correlations

    From a large account we've had the question if it was possible to let GFI ESM see correlation between events. For example (and many examples could be given for this account) they have a key less entry system that has multiple touch points. Whenever someone opens a door, takes the elevator and enters a server room, with 'some' additional intelligence, this chain of events could be reported as a security breech.
    Why should this be added, is because this way the reporting of special events that are not normal, can be flagged as a breech of security and when there…

    0 votes
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Open a ruleset repository for other products

    I've discussed with some distributors in emea, that it would be a good idea to implement or to open a location (e.g. in the User Forum) to share customer created rulesets. I think that will be a big improvement, because if someone has spend some time and work to create a ruleset for a special product or vendor, it will make it easy to share this work with other customers.

    1 vote
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Change license model to open new opportunities

    I talked with some customers/resellers, which didn't buy EventsManager, because the license model is not the best. I've collected some ideas from them:

    License Model 1:

    - License per format and node (e.g. 3x snmp enabled router = 3x EventsManager SNMP Licenses)
    - difference in Windows Eventlog for Workstation and Server (already available, so no change needed)
    - difference in Syslog for Workstation and Server (e.g. 3x Ubuntu Deskop = 3x EventsManager Syslog for Workstation)

    They tell me the reason: The customer don't understand to buy a very expensive server license for a router or switch (e.g. per Node =…

    0 votes
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Enable Multiple User Access Login

    Under GFI EM you can't login with Admin privilege and view-only and at a the same time, infact you have to close the console before logging in with another account with lower privileges. I'd like to have this feature inorder to enable more people to view the product at same time.

    5 votes
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add NERC CIP Pre-defined Report to ESM

    An evaluating customer suggested that we add the NERC CIP standards to the choices of pre-defined reports. Here is a link:http://www.nerc.com/page.php?cid=2|20 and the requirements crossmap over to PCI, HIPAA, etc. Our competitors have this type of report available (just google NERC CIP)...

    1 vote
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Web Interface or Client for workstation

    The interface should either be a web app or a client install. I don't want to have to RDP into the server to view the application.

    3 votes
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. STOP "No events were found matching the filtering criteria." reports

    include the ability/option to prevent reports with "No events were found matching the filtering criteria." from being generated or being sent

    1 vote
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. PCI compliance ruleset

    The GFI EventsManager need a default PCI compliance ruleset for unix/linux/syslog in EventsManager

    1 vote
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Default Event Source Group for SBS

    We run SBS 2008 (and previously 2003). It'd be really nice if there was a default Event Source group with pre-defined filtering rules for SBS servers. Trying to decide if SBS is an infrastructure server, database server, print server, wweb server, or file server is always a tough call, since it's really all of the above, and trying to copy the default settings from each of these groups to make one for SBS is a pain. I left a bit too much enabled the last time I reinstalled and crippled our network because EM was collecting so much data.

    1 vote
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. ESM:Event Correlation between W3C, SNMP, Syslog and Eventlogs

    This is what the competitors does (for example Arcsight, EMC...). I know that this is very complex but it would be a nice Feature and selling point. An expample: You log in via VPN (Syslog/SNMP), connect via RDP (Windows event) and send an email message (W3C).

    If this is possible you can better track user activities and do a better forensic analysis.

    1 vote
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Rollbased deployment for Eventsmanager (like Mailarchiver)

    This would be a great Feature. Because you can install the EventsManager Data Collection Role on the Remote Server you would monitor, and if an event would be generated, it will be send to the Eventsmanager Management Role. The advantage is, that the network traffic would be quite lower than in the actual version.

    1 vote
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Remote Management Console for Eventsmanager

    A remote console to connect from a workstation to the Eventsmanager Management Server. At the moment you need to connect via RDP.

    11 votes
    Sign in Sign in with GFI
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  8 comments  ·  Flag idea as inappropriate…  ·  Admin →
1 2 3 4 6 Next →
  • Don't see your idea?

GFI EventsManager

Feedback and Knowledge Base