Report Samples

Customers are able to pre-set the contents to be monitored in advance to create desired reports automatically. Customers can also attach the created report to emails and send them to administrators. This will make it possible to detect cyber attacks and information leaks at an early stage.

File Server: Ransomware infection Monitoring (large number of files renaming)

A large number of file renaming is a typical sign of Ransomware. ALog can send alert emails when file names are changed a certain number of times in a certain period of time.

AD Server: User accounts creation and deletion Monitoring

From a security point of view, it is crucial to check the creation and deletion of users. This prevents usage of retired accounts or unauthorized creation of new accounts.

AD Server: Suspicious access Monitoring (Large number of Logon failures)

If there are large number of logon attempt failures, this could mean that a malware or hacker have been trying to access systems by logging into the system directory.

AD Server: Suspicious Operation Monitoring (Clear event logs)

This is a common action by malware or hackers and is very critical since someone could be trying to hide the access evidence.

MS365: Suspicious access Monitoring (Large number of Logon failures)

It could be tedious to check the login failures for Microsoft 365. This is important especially where staff may have to work from home during the current Covid pandemic.

MS365: Files/Folders Sharing Monitoring (SharePoint/OneDrive)

Sharing internal files or folders of Microsoft 365 is convenient for users. But sometimes it causes serious information leakage.

FW: Suspicious VPN access Monitoring (Large number of Connection failures)

If there is a large number of VPN connection failures, someone may have been trying to access internal network and system.
© 2021 IIJ GLOBAL SOLUTIONS SINGAPORE PTE. LTD. ALL RIGHTS RESERVED.
© 2021 IIJ GLOBAL SOLUTIONS SINGAPORE PTE. LTD.
ALL RIGHTS RESERVED.