Introduction to Comodo cWatch Network
Comodo cWatch Network is a security intelligence and event management product (SIEM) built exclusively for MSPs to help them grow their business. cWatch Network features advanced event log monitoring, built-in reporting, multiple pre-set queries, a powerful custom-query interface, automatic assignment of incidents to personnel, customizable dashboards and real-time alerts. cWatch Network's multi-tenancy architecture enables MSPs to manage their customers from a single deployment and benefit from "big data" scalability as their log sizes increase.
Features
-
Real-time event monitoring and processing
-
Long-term log retention, archiving and backup
-
Multiple 'Ready-to-go' queries to address typical use-cases
-
Powerful query creation interface for custom queries
-
Configurable custom dashboards
-
Custom report generation and report scheduling
-
Incident management
-
Choice of agent or agent-less log collection
-
Per-customer policy creation and management
-
Immediate alerts and incident delegation
-
'Live Lists' of event parameters for use in queries and correlation rules
-
Rapid search over huge volumes of data
Guide Structure
This guide is intended to take you through the configuration and use of cWatch Network and is broken down into the following main sections.