Paul is a network administrator with additional security responsibilities in a medium-sized enterprise. A very large amount of logging information from various network devices is collected and stored on a log file server. Paul uses Logfalcon to detect various conditions, as well as to get an overview of the vast quantities of information.
Reporting Screen: Paul uses Logfalcon to produce a real-time report of the IP addresses with the most unsuccessful log-in attempts during the day. The report is sorted in descending order so that he can always see the most “troublesome” IPs at any point in time.
Alerting Screen: Paul wants to be notified whenever a network link goes down. Additionally, he wants to see the total number of packets received from each IP address, but only if the total is over a certain level. Paul achieves this by using the Alerting screen of Logfalcon.
Search Screen: Every morning Paul runs through a checklist to verify that certain events did or did not happen the previous night. Using pre-set searches in Logfalcon, Paul can go through this checklist with a few clicks of the mouse.
Dashboard Screen: Paul has combined real-time reporting with alerting screens to create a dashboard that he keeps permanently open on his desktop.