Configuring GFI EventsManager for evaluation

GFI EventsManager has many features that apply to several log types. An event log is a collection of entries that describe events that occurred on the network or on a computer system; GFI EventsManager supports different types of event logs, including Windows Event Log, W3C Logs, Syslog, SNMP Traps and SQL Server audit events. Event logs from the localhost are collected and processed automatically upon first startup of GFI EventsManager. For best results, you should enable Audit Policy on all categories on the machines listed below. More information can be obtained using this link: http://go.gfi.com/?pageid=esm_adminguide#cshid=AuditPolicy.

  • The local machine or a workstation (a Windows 7 machine is recommended)
  • A Windows server in your network (ensure the GFI EventsManager service account you specified during the installation has admin rights on that machine)
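
One way to enable and then verify Audit Policy on all categories on each of these machines, using the built-in auditpol.exe tool. This is an added example, not taken from the GFI documentation; it assumes an elevated PowerShell session on English-language Windows, and the function name Get-AuditPolicy and the backup file name are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: enable success/failure auditing for every category, then
# verify the result. Assumes English-language Windows, because auditpol's
# CSV headers and setting names are localized.

function Get-AuditPolicy {
    # 'auditpol /get /r' emits CSV; drop blank lines before parsing.
    auditpol.exe /get /category:* /r |
        Where-Object { $_ -match '\S' } |
        ConvertFrom-Csv |
        Select-Object @{ n = 'Subcategory'; e = { $_.Subcategory } },
                      @{ n = 'Setting';     e = { $_.'Inclusion Setting' } }
}

# Save the current policy first so it can be restored after the evaluation
# with: auditpol /restore /file:<path>
$backup = Join-Path $env:TEMP ("auditpol-backup-{0:yyyyMMdd-HHmmss}.csv" -f (Get-Date))
auditpol.exe /backup /file:$backup | Out-Null
if ($LASTEXITCODE -ne 0) { throw "auditpol /backup failed with exit code $LASTEXITCODE" }

# Enable success and failure auditing on all categories.
auditpol.exe /set /category:* /success:enable /failure:enable | Out-Null
if ($LASTEXITCODE -ne 0) { throw "auditpol /set failed with exit code $LASTEXITCODE" }

# Verify: list every subcategory that is not auditing both outcomes.
$gaps = Get-AuditPolicy | Where-Object { $_.Setting -ne 'Success and Failure' }
if ($gaps) {
    Write-Warning 'These subcategories are not fully audited:'
    $gaps | Format-Table -AutoSize
} else {
    Write-Output "All subcategories audit Success and Failure. Previous policy saved to $backup"
}

# Domain Group Policy can reapply different audit settings at the next
# policy refresh. On domain-joined machines, run 'gpupdate /force' and call
# Get-AuditPolicy again to confirm the settings persist.
```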

Observing operational history logs of the localhost

To confirm that event logs of the localhost are being processed:

1. Open GFI EventsManager and click Status tab > Job Activity.

Operational history logs of the localhost

2. Check that there are activity logs under the Operational History section.

Note

If the installation is functioning properly, this section is instantly populated.