• Introduction To Comodo CWatch Network
  • Purchase A License
  • Log-in To The Admin Console
• The Main Interface
• The Dashboard
• Customer Asset Management
  • Add Customers
  • Add Assets For Monitoring
    • Hard Assets
    • Soft Assets
  • Configure Nxlog And Rsyslog To Send Logs To CWatch Network Server
  • Edit Customers
• Query Management
  • Configure Event Queries
  • Long Term Analysis
  • Configure Custom Dashboards
  • Event Field Selection Settings
• Manage Rules
  • Manage Correlation Rules
  • Manage Tagged Rules
  • Manage Aggregation Rules
• Incidents
  • Manage Incidents
  • Incident Category Management
  • Category Action Management
• Lists
  • Manage Live Lists
  • Manage Live List Content
  • Manage Range List Content
  • Manage IP Range List Content
  • Manage Multiple Column List Content
• Manage Reports
• Administration
  • Event Collection
  • Phantom Settings
  • Manage Users
  • View License And Subscription Details
• Appendix 1 – Field Groups And Event Items Description
• Appendix 2 – CWatch Supported Logs
• About Comodo Security Solutions

Introduction to Comodo cWatch Network

Comodo cWatch Network is a security intelligence and event management product (SIEM) built exclusively for MSPs to help them grow their business. cWatch Network features advanced event log monitoring, built-in reporting, multiple pre-set queries, a powerful custom-query interface, automatic assignment of incidents to personnel, customizable dashboards and real-time alerts. cWatch Network's multi-tenancy architecture enables MSPs to manage their customers from a single deployment and benefit from "big data" scalability as their log sizes increase.

Features

• Real-time event monitoring and processing

• Long-term log retention, archiving and backup

• Multiple 'Ready-to-go' queries to address typical use-cases

• Powerful query creation interface for custom queries

• Configurable custom dashboards

• Custom report generation and report scheduling

• Incident management

• Choice of agent or agent-less log collection

• Per-customer policy creation and management

• Immediate alerts and incident delegation

• 'Live Lists' of event parameters for use in queries and correlation rules

• Rapid search over huge volumes of data

Guide Structure

This guide is intended to take you through the configuration and use of cWatch Network and is broken down into the following main sections.

• Introduction to Comodo cWatch Network

• Purchase a License

• Log-in to the Admin Console 

• The Main Interface

• The Dashboard

• Customer Asset Management

• Add Customers

• Add Assets for Monitoring

• Configure Nxlog and Rsyslog to Send Logs to cWatch Network Server

• Edit Customers

• Query Management

• Configure Event Queries

• Long Term Analysis

• Configure Custom Dashboards

• Event Field Selection Settings

• Manage Rules

• Manage Correlation Rules

• Manage Tagged Rules

• Incidents
  

• Manage Incidents

• Incident Category Management

• Category Action Management

• Lists

• Manage Live Lists

• Manage Live List Content

• Manage Range List Content

• Manage IP Range List Content

• Manage Multiple Column Lists Content

• Manage Reports

• Administration

• Event Collection

• Phantom Settings

• Manage Users

• View License and Subscription Details

• CWatch MDR

• Service Summary

• Incidents Overview

• Anomaly Dashboard

• Threat Summary

• Log Collection Summary

• Threat Communication Graph

• Operational Reports

• Endpoint Compliance Report

• Appendix 1 - Field Groups and Event Items Description

• Appendix 2 – cWatch Supported Logs