Centralized Windows Event Log Management and Monitoring Software Tool

Corner Bowl Event Log Manager 2022

Centralized Windows Security and Event Log Management Software Tool for IT Professionals

With best recommendations. Quick and dedicated support.
Frank H.
Senior Team Manager for IT Networks + Security
BUHLMANN GROUP
March 9, 2022

What is Event Log Manager?

It is...

  • an enterprise-class Centralized Windows Event Log Management Software Tool
  • a Centralized Event Log Consolidator
  • a Real-Time Windows Event Log Monitoring Software Tool
  • a Log Analyzer Tool
  • an Azure Active Directory Auditing Software Tool
  • an enhanced Windows Event Log Viewer with advanced search and filter capabilities
  • a tool that supports Windows Event Logs and cloud-based Azure Active Directory Audit Logs
  • compliance reporting software for PCI/DSS, JSIG, NIST, CJIS, HIPAA, SOX, GDPR and CIS Microsoft 365 Security & Compliance, with 80+ pre-built reports

What does Event Log Manager do?

  • Saves Windows Event Logs to a central location fulfilling many compliance requirements
  • Centrally consolidates log file entries to MySQL, Microsoft SQL Server, Elasticsearch, CosmosDB or to flat file
  • Monitors log files in real time for critical events
  • Schedules compliance and auditing reports
  • Sends SMS and email alerts and notifications
  • Remotely executes custom PowerShell scripts
  • Automatically deletes expired centralized consolidated log entries and native log file backups
  • Discovers new Active Directory servers and workstations, then automatically configures centralized log consolidation and log monitoring
  • Provides a paged view of log entries, enabling IT professionals to quickly search, filter and analyze gigabyte-sized log files

How does Corner Bowl Event Log Manager do it?

Once harvested, log entries are saved to either a local or offsite log repository. Event Log Manager provides you with 6 different methods to centralize your log entries including SQLite, MySQL, Microsoft SQL Server, Elasticsearch, CosmosDB and our own binary flat-file system.

SQLite
  • The world's most popular
  • Embedded RDBMS
  • No configuration required
MySQL
  • The world's most popular
  • Open source RDBMS
Microsoft SQL Server
  • Already have it?
  • The fastest RDBMS solution
  • Optimized batch inserts
Elasticsearch
  • Really fast and free!
  • Open source NoSQL

  • Uses a combination of WMI, Windows Shares, FTP/SSH and FTP/S to tail and download security, system and application log files from any platform.
  • Optionally, installs as an agent to reliably centralize Event Logs 12x faster than native Windows APIs while eliminating the requirement of running as a Domain Administrator!
  • Starts a Windows Syslog Server to receive, monitor and centralize hardware logs.
  • Eliminates the need to open ports on Work From Home (WFH) user networks by proxying through your own Azure Relay Hybrid Connection.

What else does Corner Bowl Event Log Manager include?

Centralize Native Windows Event Log and Linux Audit Log Files

Are you running on a secure air-gapped network and required to centralize native Windows Event Log Files and Linux System Log Files? Event Log Manager automatically backs up, compresses, password protects, encrypts and digitally signs Windows Event Log Files and Linux Audit Log Files, ensuring authenticity and accuracy and fulfilling Event Log Management and File Auditing and Compliance requirements.

Includes Real-Time Windows Event Log Monitoring Templates

  • Monitor account lockouts
  • Monitor account management updates
  • Monitor successful logins
  • Monitor failed logon attempts
  • Monitor file system auditing events
  • Includes 80+ Security Audit Policy Filters
  • Monitor switch and firewall logs
  • Monitor IIS and other text-based application logs

Built-In Windows Event Log Auditing and Compliance Reporting

  • Critical Events
  • Successful Logons Summary and Detail
  • Failed Logons Summary and Detail
  • Logon Sessions History
  • Account Lockout Activity
  • New Account History
  • Account Management History
  • Security Group Management History
  • Azure Active Directory Audit Logs History
  • Azure Active Directory Sign-Ins History
  • Azure Active Directory Identity Risk History

Event Log Management Feature Set

Feature: Description

Windows Event Logs
  • Log Consolidation: Configure log consolidation (e.g. Schedule Log Manager to download the latest Security Event Log entries then save to Microsoft SQL Server or MySQL once an hour).
  • Log File Backup: Back up, compress, encrypt and sign native Event Log .evtx and .evt log files (e.g. Download native Security Event Logs every night).
  • Log Monitor: Configure log monitoring (e.g. Create a real-time Event Log monitor to monitor Security Event Logs then trigger notifications when search criteria are detected).
  • Data Retention Policy: Configure how long to retain Event Log entries in the log repository database (e.g. Archive Event Log entries older than 30 days and remove entries older than 90 days).
  • Event Log Analyzer: Page through data, search for criteria, highlight entries, view entry frequencies, mark entries and export result sets.

Azure Active Directory Audit Logs
  • Log Consolidation: Configure log consolidation (e.g. Schedule Log Manager to download the latest Azure Audit Logs such as Sign-Ins and Identity Risk Events and then save them to Microsoft SQL Server or MySQL once an hour).
  • Log Monitor: Configure log monitoring (e.g. Create a log monitor to read the latest Azure Audit Log Events every 5 minutes then trigger notifications when search criteria are detected).
  • Data Retention Policy: Configure how long to retain Azure Audit Log entries in the log repository database (e.g. Archive entries older than 30 days and remove entries older than 90 days).
  • Azure Audit Log Analyzer: Page through data, search for criteria, highlight entries, view entry frequencies, mark entries and export result sets.

SNMP Traps
  • Log Consolidation: Configure SNMP traps to be saved to the log repository database (e.g. Save all SNMP Traps received from switches, routers and firewalls to the log repository database).
  • SNMP Trap Monitor: Configure SNMP Trap monitoring (e.g. Create a real-time SNMP trap monitor then trigger notifications when search criteria are detected).
  • Data Retention Policy: Configure how long to retain SNMP traps in the data repository database (e.g. Archive SNMP Traps older than 30 days and remove SNMP Traps older than 90 days).
  • SNMP Trap Analyzer: Page through data, search for criteria, highlight SNMP Traps, view SNMP Trap frequencies, mark SNMP Traps and export result sets.

On-Demand and Scheduled Reports
  • SIEM Reports: Analyze all of your logs in one view with our Simple SIEM Reports.
  • Summary Reports: Create daily summary reports so you can review your entire network in an email.
  • Inventory Reports: Create daily inventory reports that include operating system version, CPU detail, memory, locale, Corner Bowl Agent information version and last check-in.
  • Advanced Security Audit Policy: Over 80 different advanced security audit reports that replicate Microsoft's security audit policy groups.
  • Account Lockout Reports: Receive daily account lockout detail reports.
  • Account Management Reports: Receive daily account management reports that include detail about account modifications.
  • New Accounts Reports: Create daily new account reports so you can verify the new accounts that were created.
  • Success Login Reports: Create daily success login reports so you can verify the users that logged into your servers.
  • Failed Login Reports: Create daily failed login reports so you can see if there are ongoing attacks against your network.
  • Logon Sessions Reports: Create daily logon sessions reports so you can verify how long employees are working and if they are properly logging off when they leave the office.
  • Security Group Management Reports: Create daily security group management reports so you can verify changes made to security groups such as your Administrator group.
  • Object Access Reports: Create daily object access reports so you see what changes have been made to the file system and registry.
  • Azure AD Audit Log Reports: Create daily Azure Audit Log reports that include detail such as who logged into Azure Office 365.
  • Event Log Reports: Create daily Event Log reports so you can monitor the health of your servers.

Related Tutorials and Articles

Server Manager 2022 Overview
Real-Time Account Lockout Monitoring
Real-Time Success Logon Monitoring and Reporting
Real-Time Windows File System Auditing
How to Audit Stand-Alone Air-Gapped Machines for JSIG and NIST Compliance
Simple SIEM Reports
How to Audit Print To Device Events
How to Centralize and Monitor CSV Files
Agent-Based Event Log Management
How to Centrally Consolidate Event Log Entries to SQL Server
Log Monitoring
How to Create Event Log Management Audit Reports
Azure Active Directory Audit Log Monitoring
How to Centralize and Backup Windows Event Log Files
How to Centralize and Backup Linux Log Files
How to Centralize and Backup IIS Log Files
How to Centrally Consolidate Syslog Entries
Syslog to CSV File
File Integrity Monitoring
Monitoring SNMP Traps and Variables

Last Updated: May 3rd, 2022