Event Monitoring Software
The best Event Monitoring Software includes:
DX Spectrum (formerly CA Spectrum), Splunk IT Service Intelligence (ITSI), IBM Tivoli Business Service Manager, IBM Tivoli Netcool/OMNIbus, Operations Manager i (formerly HP Operations Manager), Micro Focus Operations Bridge (formerly HP Operations Bridge), IBM Tivoli Netcool Impact, BigPanda, IBM Cloud Availability Monitoring (deprecated), and BMC Helix Monitor.
What is Event Monitoring Software?
Event Monitoring Software is a subset of network monitoring software. Event monitoring consists of analyzing events and notifying network administrators of the relevant ones so they can remediate errors or enforce security policy. An event monitoring ecosystem consists of software and hardware components such as operating systems, database management systems, applications, firewalls, processors, etc.
Most of the log data generated by these components is routine and not relevant to any issue. Event monitoring software automates log analysis, allowing administrators to focus on more important tasks instead of manually going through the logs. Examples of meaningful events signaled by event logs to administrators may include:
When a user accessing a system exhibits unusual (or policy-violating) behavior
When a program encounters an error and fails
When a security policy is violated
When a piece of hardware fails or exhibits warning signs of failure
Other status change events
Beyond supplying automated, “agentless” log analytics, some event monitoring software vendors provide noise reduction by suppressing alerts. These IT event management solutions can group and suppress alerts associated with a single failure event. Removing redundant and repetitive alerts allows administrators to focus on restoring systems.
Features of Event Monitoring Software
Event monitoring software typically includes the following capabilities:
Agentless monitoring of on-premise, cloud, hybrid, and private network devices
Configurable noise reduction tools and alerting system
Filtering & suppression, “flood control,” device or system specific event alert suppression
Configurable alert thresholds (e.g. time limits, max notifications, etc.)
Centralized configurable dashboard for condensed network health information
Correlative analysis and reduction (i.e. to reduce a multitude of alerts to fixable events)
Alert grouping (i.e. lump related alerts into a single event log)
Staff may opt-in or opt-out of alert groupings
Retention of historical device events (e.g. performance benchmarking, failures, etc.)
Monitor hardware characteristics (e.g. CPU temperature) as well as software characteristics
Privileged user monitoring
Internal user activity reports
External user device access and user session tracking
Machine learning/correlation engine for detecting or analyzing malicious or policy violating behaviors
Monitor and configure router traffic monitoring, accepted and denied logs
IT event monitoring and management software is available via perpetual license or subscription. It may be installed on-premise or deployed from the cloud. Some vendors may offer free trial periods or ‘freemium’ versions of their product that typically have limited feature availability. Plan prices increase with the number of integrations required and the number of users. Subscription plans are priced per user. Depending on the number of integrations, plans may be available for $15 to $75 per month, per user. Alternately, pricing may depend on integrations rather than users. Pricing, in this case, may range from or around $3,000 per integration.
Everbridge Mass Notification enables users to send notifications to individuals or groups using lists, locations, and visual intelligence, in order to keep recipients informed before, during, and after events. It is designed for three use cases: Emergency Response and Management, Citizen…
IBM Cloud Availability Monitoring was a monitoring service available for monitoring web page loads, API and application availability or tendency to create alerts and issues, with frequent scoring for troubleshooting and diagnostics. According to the vendor: as of July 7, 2020, no…
HelpSystems Automate Plus (formerly Automate BPA Server) is scalable enterprise automation software designed to go beyond basic robotic process automation to integrate frontend and backend automated workflows across an organization. The vendor says their robust business enterprise…
Velociraptor is an open source security monitoring software tool developed by Velocidex and acquired by Rapid7 in April, 2021. Velociraptor works natively on Windows, macOS and Linux. An endpoint monitoring and forensics analysis tool, users can collect endpoint events such as event…
Eventdex event registration software helps manage the entire event lifecycle via registrations, payment collection, badges, mobile apps, onsite management and reports, and more. Eventdex charges a flat $0.75 per ticket, whether your ticket costs $50 or $5,000. The vendor says you…
Tencent Cloud Security Operations Center (SOC) (formerly known as Tencent Cloud Security Situation Awareness) is a big security data visualization platform that provides visibility into businesses, assets, threats and risks based on the customer's cloud security data and Tencent'…
BMC Helix Monitor is a SaaS solution that combines broad monitoring and event management capabilities with a containerized microservices architecture. It is designed to improve performance across complex environments while supporting the agility and speed required by digital businesses.…
Remote Access Plus is a secure and comprehensive enterprise troubleshooting solution that helps system administrators and IT help desk technicians to remotely resolve troubleshooting requests. The vendor says this solution provides powerful remote desktop sharing, over 12 diagnostic…
Check Point Software Technologies provides Check Point Infinity, a subscription-based comprehensive enterprise security product suite combining network, cloud and endpoint security applications integrated into a single service priced on a per person basis. Infinity Portal delivers…
CenturyLink® Security Log Monitoring service provides comprehensive security log traffic monitoring using people, technology and processes to analyze security log traffic 24 hours a day, 7 days a week and includes access to a portal for queries, reports, and other service-related…
BigPanda is designed to enable enterprise IT to intelligently automate and scale service operations to meet the complex demands of the modern datacenter. The vendor says their algorithmic service operations platform turns IT noise from fragmented clouds, teams, applications and monitoring…