Use this section to select the chart type for top events.

The Top Important Log Events section provides statistical information about:

• Top 10 successful Logon events outside working hours
• Top 10 important Logon events during working hours
• Top 10 failed Logon events.

Events in this section are filtered by:

• Machine: Select a machine or key in a machine name in the drop down list
• Period: The time period when the events occurred (Last hour, Last 24 hours, Last 7 days or a specific date).

The Critical and High Importance Events section provides statistical/graphical information about critical events collected from all event sources. Here you can also view the vulnerability results monitored by GFI LanGuard.

This graph shows the rules that collected and processed events for a particular period. From the drop down lists, select the type of information to display. Select from:

• Grouping: Determines how events are grouped; such as Events, Computers, Computer groups, Events/Computers or Events/Computer groups
• Event type: Select the type of data to display (Windows^®, Text Logs, Syslog, SNMP, Active Monitoring Logs, SQL and Oracle audit)
• Alert type: Specify the alert severity; such as All alerts, Critical or High
• Period: Specify the time period when the events occurred (Last hour, Last 24 hours, Last 7 days or a specific date).

The Top Service Status Events displays the top 10 services that caused the selected event. A service can generate events when:

• Terminated with an error
• Failed to load
• Failed to start
• Timed out
• Stopped
• Started.

The graph shows the frequency of these events sorted by service type and/or by computer generating the event. Select a machine or service from the drop down lists or key in the required criteria to customize the graph results.

The Top Network Activity Events section displays details of the top 10 network activities (inbound and outbound) for computers running Microsoft^®Windows^® Vista or later. Network activity consists of all type of traffic generated by various protocols including SMTP, HTTP, FTP and MSN traffic. The network activities displayed can be filtered by:

• Applications
• Source Addresses
• Destination Addresses
• Computers
• Ports
• Users.

Select parameters from the drop down lists or key in the values to filter the type of chart displayed.

The Monitoring Statistics section displays status information about active Active Monitoring you are running on event sources. The information displayed in this section is refreshed every 20 seconds and you provides the:

• Check name
• Success/Fail count
• Number of generated events
• Check date and time
• Check type.

Select a row and click View Events to view the pertaining logs that were generated when the check failed/succeeded.

Click the Arrange Window icon to automatically fit all graphs in the management console.

The GFI EventsManager Service Status is used to view:

• The operational status of GFI EventsManager service/event processing engine
• The operational status of the Syslog server
• The operational status of the SNMP TrapsNotifications/alerts generated and transmitted by active network components (Example: hubs, routers and bridges) to SNMP server(s) whenever important events such as faults or security violations occur. Data contained in SNMP Traps may contain configuration, status as well as statistical information such as number of device failures to date. server
• The operational status of the database server currently in use by GFI EventsManager.