Introduction to the GFI LANguard S.E.L.M. event viewer
The GFI LANguard S.E.L.M. event viewer
The Windows Event Viewer only allows you to search for and filter out event records whose event properties were reported in the header of each and every event record. However field values contained in the description field could not be searched for or analyzed or compared to other events of the same type.
Also, in the report pane of the Windows Event Viewer, you could only see the following fields : Type, Date, Time, Source, Category, Event, User, Computer, which provide very little valid information to a security administrator. Also going through the events one by one to compare events of the same type is both nerving and too time consuming.
The GFI LANguard S.E.L.M. Event Viewer overcomes all the above limitations. The GFI LANguard S.E.L.M. Event Viewer both lists the fields contained in the description field of the event in a column format and lets you perform searches and filtering operations for matching values in the fields contained in the description field of an event. You can also create complex searches and filters based on these extended fields.
LANguard S.E.L.M .Event Viewer – description fields viewable in columnar format
Event categorization
First of all, the GFI LANguard S.E.L.M. event viewer will automatically categorize events occurring on your network in to 6 categories: Critical security events, which require immediate attention, high security events, medium security events, low security events and unclassified security events. There is also a category for all security events. GFI LANguard S.E.L.M. has a built in table of event rules that determine what makes up the security level of an event. For more information about this table, see the chapter 'Security event categorization'.
Events for which there is no rule specified (as explained in the 'Security event categorization' chapter) are placed into the Unclassified security events log. Using this category, you can refine the categorization rules to meet your own network security requirements.
| 
