GFI EventsManager

How can we improve?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Multiple Email Servers

    I would like the option to add an external mail server in addition to the internal mail server, G-Mail or otherwise. It's a little hard to get an alert about your mail server when it's sent from the mail server that is having an issue.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Reportd in PDF or XLS

    I would like to generate reports directly in PDF or XLS format

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Rollbased deployment for Eventsmanager (like Mailarchiver)

    This would be a great Feature. Because you can install the EventsManager Data Collection Role on the Remote Server you would monitor, and if an event would be generated, it will be send to the Eventsmanager Management Role. The advantage is, that the network traffic would be quite lower than in the actual version.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. ESM:Event Correlation between W3C, SNMP, Syslog and Eventlogs

    This is what the competitors does (for example Arcsight, EMC...). I know that this is very complex but it would be a nice Feature and selling point. An expample: You log in via VPN (Syslog/SNMP), connect via RDP (Windows event) and send an email message (W3C).

    If this is possible you can better track user activities and do a better forensic analysis.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Default Event Source Group for SBS

    We run SBS 2008 (and previously 2003). It'd be really nice if there was a default Event Source group with pre-defined filtering rules for SBS servers. Trying to decide if SBS is an infrastructure server, database server, print server, wweb server, or file server is always a tough call, since it's really all of the above, and trying to copy the default settings from each of these groups to make one for SBS is a pain. I left a bit too much enabled the last time I reinstalled and crippled our network because EM was collecting so much data.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. PCI compliance ruleset

    The GFI EventsManager need a default PCI compliance ruleset for unix/linux/syslog in EventsManager

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. STOP "No events were found matching the filtering criteria." reports

    include the ability/option to prevent reports with "No events were found matching the filtering criteria." from being generated or being sent

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add NERC CIP Pre-defined Report to ESM

    An evaluating customer suggested that we add the NERC CIP standards to the choices of pre-defined reports. Here is a link:http://www.nerc.com/page.php?cid=2|20 and the requirements crossmap over to PCI, HIPAA, etc. Our competitors have this type of report available (just google NERC CIP)...

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Open a ruleset repository for other products

    I've discussed with some distributors in emea, that it would be a good idea to implement or to open a location (e.g. in the User Forum) to share customer created rulesets. I think that will be a big improvement, because if someone has spend some time and work to create a ruleset for a special product or vendor, it will make it easy to share this work with other customers.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Event manager service disabled trap

    I have a client that uses EventManager to audit administrative file access from users w/ admin rights. They would like a way to be notified if GFI services are stopped, or even trap such an occurrence, to ensure that those people with adminstrative rights aren't circumnavigating GFI's file access logging.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Oracle auditing and SID's

    I suggest you to allow defining more than one SID on a Oracle events source. At the moment we can define only one SID on a host, and we can't add the same host specifying another SID, because the host is already defined. We can partially bypass the problem inserting two entries for the same host, one with the host name and the other one with the ip address, anyway using this solution there is no way to collect events for more then two SID's on the same host.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Adding Commnets

    Since the main purpose of this tool is for reviewing logs, is there a facility to add comments to the logs (for e.g. what action we have taken for that particular event etc & then generate a report to show as evidence for log reviewing to Auditors).

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Product Upgrade Instructions

    I suggest you...provide a detailed upgrade installation document which includes screen shots of the installation wizard so we know what to expect and can gather the necessary information to answer the prompts.

    Will we lose our existing db? Do we need to create a new db?
    will our config settings be retained, or if not can we import a backup copy from the previous version?
    Will all our custom rules be retained?

    Those of us who have gone through past upgrades and lost data bases, and config settings now need reassurance each time.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Offline mode

    EventsManager should have an offline mode, so that consultants could import saved logs and analyze them just as if they were collected online.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. New report filter to manages groups of ActDir

    We have a group of long list of users that need to be monitored login/logout.
    Instead of define manually a filter by user/account in wich write a row for each user that belongs to thist group, with need a filter where define one or more groups.
    GFI EvManager will ask to ActiveDir in order to get the users that belong to that specific group and will produce a report sorted by user.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Bring back silent installation

    II would like the ability to perform a silent installation to be re-instated in EventsManager 2012, ideally just like it used to be with previous versions, i.e.:
    EventsManagern /s /f1C:path.iss

    As servers move towards being headless - having a GUI will merely be an option in Windows Server 8 - it seems a backwards step to disallow silent installation.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Sort Time Field when sort Date field in Events Browser

    When in Events Browser and you click the Date field to sort, add an implied sort to the Time field. Currently, if you click Date to show newest date at the top, the Time field continues to sort ascending, with events at 1am at the top of the list ahead of events at 4pm. But the intent of the user clicking the Date field is to see the newest events at the top (or the oldest events at the top). So please add a connection that when you click the Date field to sort, the Time field is sorted to…

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to Export or Import Single Rule or Rule Folder

    Add the ability to export or import a single Event Processing rule or Event Processing Rule folder. This would allow customers to share custom rules with each other such as on the support forum, or allow GFI support to provide rules for special situations.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Database operation schedule or command line tool

    Database operation schedule now can configure only one schedule. Why not each operation job has its own schedule?
    If it is not possible, please consider to provide command line tool and we can use Windows schedule to run it!

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  20. display alert send log

    Currently we cant know which alert send and when/who it sends from GUI. Please add it.

    1 vote
    Sign in
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Collecting Feedback  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

GFI EventsManager

Feedback and Knowledge Base