New Connectors and Rules in SearchInform Event Manager
15.03.2018

The updated version of SearchInform Event Manager features new pre-set rules and connectors for Checkweighers, Palo Alto and Check Point firewalls, Symantec and McAfee antiviruses:

  • CWAConnector reads event logs of 1C and Checkweighers. New rules control logon time and creation of documents outside working hours, abrupt changes of weight and other events.
  • Rules for Symantec EPM and McAfee antiviruses detect and notify about isolated virus attacks and epidemics, network attacks, exploitation of software vulnerabilities, malware, spyware and other types of malicious software and threats.
  • Services of the Check Point and Palo Alto connectors include over 20 preset rules for monitoring and processing firewall events. In addition, a custom rule can be created for Check Point products.

A new rule of the MS Exchange connector, "Change of email box access rights", has taken over the functions of the rule "Granting access right to email box". The consolidated and enhanced rule detects not only the granting of rights to an account but also their removal from it.

The advanced settings of the rule "Activity outside of working time" now allow changing the working schedule and adding holidays and short days.

In the settings of the Graph of incidents, the first version of which was presented at the end of 2017, it is now possible to create custom templates and save the position of objects on the graph according to a template. A new filter in the graph will provide simple sorting of users and PCs by the number of notifications about incidents.
