In this post I listed useful event log analysis tools for my daily work.
Latest posts by Bryan Campbell (see all)

You probably know Event Viewer, a baked in Windows tool. For sophisticated event log analysis, you often need additional tools. Some of the tools discussed here are applications, and some are websites.


I have a paid subscription for EventID.NET, and use this database for event ID searches. The site is a repository of almost all Windows event IDs and offers in-depth write ups, screenshots, and links to external sources. A one year subscription for an individual costs $29 USD.

Event log tool - -Search for event IDs

The consistently useful website has served me well since its inception. It is a crowd-sourced community of experts based on a Digg type voting system, in which a poster asks questions based on issues they are confronted with, usually scenario based, with Event IDs.

Event log tool - - Question and answer site for admins is another community site which is not limited to any platform or architecture. It has a similar voting system as and issues awards based on the helpfulness of the "experts".

Notice that is not free. After the 30-day free trial, prices vary from $12.95 USD for the monthly plan to the the two year plan for $189.95 USD.

Event log tool - - Tech support from experts


ManagEngine EventLog Analyzer

I have used many of ManageEngines free tools, and EventLog Analyzer is my favorite. The tool works with Unix/Linux/Windows and can be configured to give real time alerts and offers sophisticated reporting features. The holy grail of all IT logging is the centralized logging ability. EventLog Analyzer can also collect logs from devices such as routers, web services and FTP servers. The free version supports up to 5 hosts. The Professional Edition starts at $395 USD for 10 hosts. Check out the price list for other configurations.

Event log tool - ManageEngine EventLog Analyzer

Eventlog tool ManageEngine EventLog Analyzer

GFI EventsManager

GFI EventsManager provides similar features as the ManageEngine product offering real time alerts and support for SNMPv2 traps. I like the auto archive feature and its search filters. GFI doesn't offer a free edition but you can download a free trial. For a Server and 10 clients, GFI EventsManager costs $440 USD.

Event log tool - GFI EventsManager

Event log tool GFI EventsManager EventSentry

EventSentry offers quite a few interesting features that go far beyond event log monitoring and analysis: Compliance tracking, package managing, compliance tracking, log file monitoring, system health monitoring, and web reports. EventSentry Light is its free version and is a must-have tool for every admin doing event log analysis. Check out the comparison table to get an overview of the capabilities for its free and full version. A configuration with 10 hosts will cost you $698 USD. The complete price list can be found here.

Event log tool - EventSentry

Event log tool - EventSentry

Do you know any other good event log analysis tool?

  1. Chris Rich 12 years ago

    “@Bryan. I have a tool I think you should add to your list: NetWrix Event Log Manager. It has real-time alerting, archiving for up to 7+ years, robust reporting and consolidation of event logs and includes many predefined reports specifically for various regulatory auditors. The product is available as freeware or in an enterprise version. Please have a look:

    Chris Rich
    Product Manager
    NetWrix Corporation

  2. Author
    Bryan 12 years ago

    Thanks Chris, i’ll be sure to take a look!

  3. alireza ghahrood 6 years ago

    Log analyser or 😀

  4. Nathan 6 years ago

    Here’s another one for the list:

    Open Source and free

    LOGalyze is an open source, centralized log management and network monitoring software. If you would like to handle all of your log data in one place, LOGalyze is the right choice. It supports Linux/Unix servers, network devices, Windows hosts. It provides real-time event detection and extensive search capabilities.

Leave a reply

Your email address will not be published.


© 4sysops 2006 - 2023


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account