- Complete Windows Event Monitoring
Automatically monitors Windows Event Logs. All Event Logs – including the Windows 2000 specific extensions – are fully processed.
- Monitors Text Files
Any application generated log files can be monitored. For example,
IIS log files can be forwarded to a syslog daemon or consolidated into a
central repository. Also, known attacks can be detected by matching web
requests against well known attack patterns and alerts be generated
(with the help of custom rule basis).
Other uses include DHCP logs or Oracle log files – there is a vast
number of applications writing status into text files and all of these
files can be accessed and for example forwarded to a syslog server.
- External Events
Events are accepted via a standard syslog server and hence all syslog enabled devices can be included in the MonitorWare system. This includes popular devices like routers and switches as well as printers and a large number of UNIX/Linux based systems and applications. Virtually all currently existing network devices support syslog – so MonitorWare Agent can monitor all of them.
To reach an even broader device range, not only standards compatible syslog is included but popular extensions like syslog over TCP.
- Active Network Probes
Ping and port probe services allow monitoring of both local and remote systems and services. These services are not restricted to Windows machines – virtually any existing service can be used with these probes. Good examples are LINUX based web and mail servers or firewalls. But our probes don’t restirct you to an OS – even if you have a SMTP server running on a mainframe, MonitorWare can check its operational state.
Failing systems and services are detected and alert be generated.
The MonitorWare system is modular and highly scalable. If a single server is to be monitored, MonitorWare Agent can provide all monitoring and alerting needs. However, multiple MonitorWare Agents in a complex, hierarchical network can talk to each other and provide both local and central alerting and event archiving.
- Event Archiving
All incoming events – no matter what source they came from – can be stored persistently. Options include archiving in databases as well as log files.
Alerts can be sent via email or syslog. As most pagers are accessible via email, this interface can also be used to trigger pager notifications.
- Powerful Event Processing
MonitorWare Agent’s powerful and flexible rule engine processes all events based on a configured set of actions. An unlimited number of rules and actions allows tailoring to the specific needs.
- Zero-Impact Monitoring
MonitorWare Agent has no noticeable impact on system resources. It was specifically written with minimal resource usage in mind. In typical scenarios, its footprint is barely traceable. This ensures it can also be installed on heavily loaded servers.
MonitorWare Agent is written to perform robust even under unusual circumstances. The reliability of the MonitorWare line of products is proven since 1996.
- Ease of Use
MonitorWare Agent is easy to install and configure. Comprehensive step-by-step guides and wizards help administrators with setting up even complex systems.
- Firewall Support
Does your security policy enforce you to use non-standard ports? MonitorWare Agent can be configured to listen on any TCP/IP port for syslog messages.
- Runs on large Variety of NT Systems
Windows 2019/2016/2012/10/8/7/ Vista/2008/2003/XP/2000; Workstation or Server – MonitorWare Agent runs on all of them.
We also have Compaq(Digital) ALPHA processor versions on platforms supporting this processor (engine only, available on request).
- Multi-Language Client
The MonitorWare Agent client comes with multiple languages ready to go. Out of the box, English, Japanese and German are supported. Languages can be switched instantly. Language settings are user-specific, so multiple users on the same machine can use different languages.