UPDATES AND ANNOUNCEMENTS 9/3/2008

Event Alarm 6 Release || Software Offers for Dorian Event Log Management ||

Feature: Why Can't a Windows Server 2008 or Windows Vista Log be Viewed On my XP Machine?

   
 

 

Event Alarm 6 is Now Available and Provides Side-by-Side EVT / EVTX Log Monitoring Capabilities

 

Download the Software || Find Out More About Event Alarm ||
Existing Users With Active Upgrade Service: Request an Upgrade

Event Alarm for EVT and EVTX Log File Monitor Tool
Event Alarm® has provided easy log file monitoring and notification for years. Now, Event Alarm 6 provides convenient monitoring of both EVT and EVTX log files side-by-side. Working in conjunction with other components of Dorian Software's patented Total Event Log Management Solution™, it provides seamless log data management across EVT and EVTX logs with a minimum of system resources.

Now, users can quickly deploy a single and consistent security log monitoring strategy across a wide array of different Microsoft operating systems, despite the complete renumbering of security event identifiers in Windows Server® 2008 and Windows Vista®. Dorian's exclusive LogRefiner™ technology has been fully integrated with this latest release of Event Alarm, providing a number of key capabilities and functionality:

Side-by-Side EVT and EVTX Monitoring
Remotely monitor the newer EVTX format logs found on Windows Server 2008 and Windows Vista systems directly alongside the older EVT format logs found on legacy operating systems like Windows 2003. Simply install on a single computer running Windows Vista or Windows Server 2008. No middleware agents, multiple installations, or multiple software versions required.

Agent-Free and Remote EVT / EVTX Monitoring
Cross the EVT / EVTX boundary without installing or maintaining agents to monitor log files remotely.

Easy Setup For Efficient Log Monitoring
Monitoring can be done using a minimum of network services and firewall exceptions. Use of WMI (Windows Management Instrumentation) is not required. As a result, there isn’t much guesswork required to see if the solution will work in a specific environment: If you can view the log files remotely with the Windows event viewer, you can take advantage of the automated log monitoring and notification capabilities provided by Event Alarm.

Automatic "Fixing" of the Event Type in EVTX Security Logs
Administrators can easily see whether or not an event was a success audit or failure audit.

Automatic Extraction of Key User Information in EVTX Security Logs
Administrators can quickly determine the user responsible for the detected event.

Predefined EVTX Security Log Alarms
Many administrators are not yet aware that all of the event identifiers (Event IDs) for common security log events have changed in Windows Vista and Windows Server 2008. Event Alarm 6.0 ships with new alarms predefined for the new operating systems. On top of that, the Rapid Configuration Tool in Event Alarm automatically selects pre-Windows Vista / Server 2008 alarms alongside the newer alarms, making the monitoring of key security events in a transitional network completely transparent.
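The renumbering described above means a rule keyed on a legacy ID alone never fires on a Windows Vista or Server 2008 host. The following is an added example, not Dorian's code or Event Alarm's alarm list: it keys alarms on the pair (log format, event ID) using a small set of widely documented ID pairs, and the host names and sample events are constructed.

```python
# Added example: one alarm vocabulary across legacy (EVT) and new (EVTX)
# Security logs. The ID pairs are a small, widely documented subset.
ALARMS = {
    "logon_success":      {"evt": {528, 540},                   "evtx": {4624}},
    "logon_failure":      {"evt": set(range(529, 538)) | {539}, "evtx": {4625}},
    "account_created":    {"evt": {624},                        "evtx": {4720}},
    "account_locked_out": {"evt": {644},                        "evtx": {4740}},
    "audit_log_cleared":  {"evt": {517},                        "evtx": {1102}},
}

# Invert to (log_format, event_id) -> alarm name for direct lookups.
LOOKUP = {(fmt, eid): name
          for name, ids in ALARMS.items()
          for fmt, id_set in ids.items()
          for eid in id_set}


def classify(log_format, event_id):
    """Return the alarm name for an event, or None if no alarm covers it."""
    return LOOKUP.get((log_format, event_id))


def triage(events):
    """Return (host, alarm) for every event that matches an alarm."""
    hits = []
    for ev in events:
        alarm = classify(ev["format"], ev["event_id"])
        if alarm:
            hits.append((ev["host"], alarm))
    return hits


def legacy_only_hits(events, legacy_ids):
    """Hosts a rule written only against pre-Vista IDs would report."""
    return [ev["host"] for ev in events if ev["event_id"] in legacy_ids]


# Constructed sample: a failed logon on each OS generation, a cleared
# audit log on the newer host, and one event no alarm covers.
SAMPLE = [
    {"host": "srv2003-01", "format": "evt",  "event_id": 529},
    {"host": "srv2008-01", "format": "evtx", "event_id": 4625},
    {"host": "srv2008-01", "format": "evtx", "event_id": 1102},
    {"host": "srv2003-01", "format": "evt",  "event_id": 562},
]

if __name__ == "__main__":
    print(triage(SAMPLE))
    print(legacy_only_hits(SAMPLE, ALARMS["logon_failure"]["evt"]))
```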

Improved Caching Techniques Greatly Reduce Authentications During Log Monitoring
Event Alarm 6.0 has been redesigned to cache even more network information during the monitoring of Windows event log files across the network. Now network administrators can utilize Event Alarm's Turbo Scanning Mode to receive extremely rapid notifications of critical events, all while not generating unnecessary logon/logoff audits in targeted computer security logs. Lightweight, rapid, and agent-free remote scanning of critical computer event logs is now a reality with Event Alarm 6.0.

Support For RFC3164 Headers When Sending Syslog Notifications
Event Alarm 6.0 now ships with an additional option that can make its syslog notifications conform to the message header format described in RFC3164. As a result, Event Alarm can now forward key Windows log events in real time to other network appliances, software, and security devices that consume messages with RFC3164-style headers.
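For reference, this is what an RFC 3164 message header looks like on the wire. The sketch below is an added example, not Event Alarm's implementation: the tag "EventAlarm", the host name and the message text are assumptions chosen for illustration.

```python
from datetime import datetime

MONTHS = ("Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec")
MAX_PACKET = 1024  # RFC 3164 section 4.1: total packet length in bytes


def rfc3164_header(facility, severity, when, hostname):
    """Build '<PRI>Mmm dd hh:mm:ss HOSTNAME' as RFC 3164 describes it."""
    if not 0 <= facility <= 23 or not 0 <= severity <= 7:
        raise ValueError("facility must be 0-23 and severity 0-7")
    if not hostname or " " in hostname:
        raise ValueError("hostname must be non-empty with no spaces")
    pri = facility * 8 + severity
    # The day of month is space-padded, not zero-padded ("Sep  3").
    stamp = "%s %2d %02d:%02d:%02d" % (
        MONTHS[when.month - 1], when.day,
        when.hour, when.minute, when.second)
    return "<%d>%s %s" % (pri, stamp, hostname)


def rfc3164_message(facility, severity, when, hostname, tag, content):
    """Return the full datagram payload as bytes, capped at 1024 bytes."""
    if not tag.isalnum() or len(tag) > 32:
        raise ValueError("tag must be alphanumeric, at most 32 characters")
    # Event text can contain line breaks; flatten them so one event
    # cannot appear as several syslog records at the receiver.
    flat = content.replace("\r", " ").replace("\n", " ")
    line = "%s %s: %s" % (
        rfc3164_header(facility, severity, when, hostname), tag, flat)
    return line.encode("ascii", "replace")[:MAX_PACKET]


if __name__ == "__main__":
    # Constructed sample: facility 4 (security/authorization), severity 5.
    print(rfc3164_message(4, 5, datetime(2008, 9, 3, 14, 5, 9),
                          "dc01", "EventAlarm",
                          "EventID=4625 failure audit"))
```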



   
 

 

EVENT LOG MANAGEMENT AND SPECIAL OFFERS

 

Windows Event Log and Event ID Audit, Reports

The global credit crunch is tightening spending for many IT departments. Still, requirements call for strict log management standards. Need to put something in place quickly to satisfy those auditors? Need to start with a small group of machines as a pilot?

Take a look at our Express Pack offering - available exclusively online. The Express Packs are available in convenient license quantities and at budget-friendly prices.

Visit our Current Promotions page for more.


   
 

 

FEATURE: Why Can't a Windows Server 2008 or Vista Log Be Viewed on My XP Machine?

 

It seems simple enough, doesn't it? At Dorian, we're seeing the question more and more, and we wish we had a better answer. But - regardless of what log management package you choose - if you want to review an EVTX log (that is, a log generated by Windows Server 2008 or Windows Vista) you're going to have to open it on a Windows Server 2008 or Windows Vista machine.

Why? Because the new Windows Event Log API functions are only available inside Windows Vista and later operating systems, legacy Windows operating systems like XP and 2003 cannot read previously saved EVTX files at all. There is simply no forward compatibility for consuming saved EVTX files. Period.

And while the legacy Event Log API can be used to read some of the events from an "active" EVTX file (that is to say an EVTX file currently being maintained by the EventLog service on a Vista machine), it cannot properly read and parse some events recorded by the new API.
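Before copying saved logs to a review workstation, it helps to know which format each file really is, since the extension can be wrong. The sketch below is an added example, not Dorian's code: it identifies EVT and EVTX files from their leading bytes and sorts them by whether the review host can open them. The file names, byte strings and OS labels are constructed.

```python
import struct

EVTX_MAGIC = b"ElfFile\x00"   # first 8 bytes of an EVTX file header
EVT_MAGIC = b"LfLe"           # signature at offset 4 of an EVT file header
EVT_HEADER_SIZE = 0x30        # first DWORD of an EVT file header


def sniff_log_format(head):
    """Classify a saved log from its first 8 bytes: evtx, evt or unknown."""
    if len(head) < 8:
        return "unknown"
    if head[:8] == EVTX_MAGIC:
        return "evtx"
    (size,) = struct.unpack_from("<I", head, 0)
    if size == EVT_HEADER_SIZE and head[4:8] == EVT_MAGIC:
        return "evt"
    return "unknown"


def plan_review(files, viewer_os):
    """Split saved logs into those the review host can open and the rest.

    viewer_os is a label chosen for this example: 'xp', '2003',
    'vista' or '2008'. Only the last two can consume EVTX files.
    """
    can_read_evtx = viewer_os in {"vista", "2008"}
    openable, blocked = [], []
    for name, head in files.items():
        fmt = sniff_log_format(head)
        ok = fmt == "evt" or (fmt == "evtx" and can_read_evtx)
        (openable if ok else blocked).append((name, fmt))
    return openable, blocked


# Constructed sample: leading bytes only, including an EVTX file that
# was saved with a legacy .evt extension.
SAMPLE = {
    "sec-2003.evt": struct.pack("<I", 0x30) + b"LfLe",
    "sec-2008.evtx": b"ElfFile\x00",
    "renamed.evt": b"ElfFile\x00",
}

if __name__ == "__main__":
    print(plan_review(SAMPLE, "xp"))
    print(plan_review(SAMPLE, "2008"))
```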

Many remember when vending machines started accepting paper money. Whenever one actually had paper money, it seemed the "legacy" coin-only machines were all that were around. Try as you might, that XP machine isn't going to read that EVTX log. Don't thank us - thank Microsoft.

Our LogRefiner technology helps manage both formats (EVT and EVTX) side-by-side. Even with this snazzy new technology though, if there are any EVTX logs in the mix, plan on installing our software and managing from a Windows Vista or Windows Server 2008 machine.

Meanwhile, got change for a dollar?

 

Dorian Software Creations, Inc.
Phone 678.222.3443 | Toll Free 1.866.682.3646
Fax 413.647.8727 | Email sales@doriansoft.com