Applies to: Comodo Endpoint Protection
Comodo Endpoint Protection (EP) is a powerful event analysis tool that provides real-time monitoring and detection of malicious events on Windows endpoints. Endpoint Protection lets you view threats in a detailed timeline and instantly alerts you about an attack.
The Comodo Endpoint Protection agent automatically writes events to the Windows Event Viewer. The EventTracker agent picks up these logs and sends them to EventTracker. Comodo sends events such as antivirus scan, HIPS, HIDS, containment, file rating, autorun, and configuration changes. EventTracker generates reports on potentially unwanted applications, antivirus scan detail, file rating, intrusion activities, configuration changes on the endpoint, alerts, threats detected, unwanted files removed, etc. The reports contain the username, client IP address, status, action, file path, file name, and hash. EventTracker graphically displays threats detected by file name, device name, and device IP, file management intrusions detected by file name, etc.
After Comodo EP is configured to deliver events to EventTracker, alerts, dashboards, and reports can be configured in EventTracker.
To configure Comodo Endpoint Protection to send logs to EventTracker, refer to the How to Guide.
For more information, please refer to the Integration guide.