How to implement Security Hardening in EventLog Analyzer

Objective 

Improve the overall safety of your EventLog Analyzer setup by enabling key security settings that protect access, data, and system behavior. All of these settings can be managed easily from one place: the Security Hardening dashboard.

Prerequisite 

  1. Make sure you're logged in with an account that has Administrator access to the Security Hardening section under Settings > Admin Settings > Product Settings (Category: General).
  2. Make sure the EventLog Analyzer server has an internet connection and access to http://creator.zoho.com/, which is needed for Automatic Update for Critical Security Fixes.

Steps to follow

Step 1: Go to Settings > Admin Settings > General: Product Settings > Security Hardening in EventLog Analyzer.
Step 2: You'll see a dashboard with a list of important security settings and your current security score.
Step 3: For each item listed, click the Configure or Enable button to turn it on or change its setting:
    • Enforce HTTPS – Makes sure your browser talks to the server in a safe, encrypted way.
      • Protects against attackers who try to listen in on your connection.
      • Needs an SSL certificate to work. 
    • Change the Default Admin Password – You must replace the default password with a strong one.
      • Prevents attackers from easily logging in with a well-known password.
      • Use a mix of uppercase, lowercase, numbers, and symbols.
    • Enforce Two-Factor Authentication (2FA) – Adds an extra step during login to confirm your identity.
      • Even if someone knows your password, they can’t log in without a second code.
      • Works with apps like Google Authenticator.
      • Please click this link for more details regarding 2FA options in EventLog Analyzer.
    • Enable CAPTCHA – Adds a simple “Are you a robot?” test to the login screen.
      • Blocks bots and automated tools from trying to guess your password.
      • Please click this link for more details regarding CAPTCHA options.
    • Block Invalid Login Attempts – Temporarily locks out anyone who fails to log in multiple times.
      • Stops hackers from trying passwords repeatedly.
      • You can set how many tries are allowed before the block.
    • Security Patch Update – Whenever critical vulnerabilities are discovered in EventLog Analyzer, a targeted security patch file update is released to mitigate associated risks.
      • The security patch will be pushed at 12am, and a service restart will be triggered.
      • For instance, if a specific JSON file is found to be vulnerable, only that file will be replaced as part of the patch.
      • To ensure automatic updates are applied, please verify that the EventLog Analyzer server has internet connectivity and access to http://creator.zoho.com/
    • Enable Encryption for Log Archival – Keeps old log files safe by encrypting them when stored.
      • Prevents others from reading archived logs without permission.
      • Important for audits and compliance.
Step 4: As you complete each setting, it will show a green check mark.
Step 5: Your goal is to reach 100% completion. The product will keep reminding you until it’s done.
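
Once the dashboard shows the items as complete, the effect of Enforce HTTPS and the update prerequisite can be confirmed from outside the UI. The script below is an added example, not part of the product or its documentation; the hostname is a placeholder, and ports 8400 (HTTP) and 8445 (HTTPS) are assumed values to be replaced with the ones your installation uses.

```python
import socket
import ssl
import urllib.error
import urllib.request
from urllib.parse import urlsplit

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # surface the 3xx instead of following it

def probe_http(url, timeout=5):
    """Return (status, Location header) for a GET; (None, None) if nothing answers."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.status, resp.headers.get("Location")
    except urllib.error.HTTPError as err:  # unfollowed 3xx and 4xx/5xx land here
        return err.code, err.headers.get("Location")
    except (urllib.error.URLError, OSError):
        return None, None

def https_enforced(status, location):
    """Judge a plain-HTTP probe: only a closed port or a redirect to https:// passes."""
    if status is None:
        return True  # the cleartext listener is gone
    if status in (301, 302, 303, 307, 308) and location:
        return urlsplit(location).scheme.lower() == "https"
    return False  # a page (or an error page) was served over cleartext

def tls_certificate_valid(host, port, timeout=5):
    """True if the certificate chains to a trusted CA and matches the hostname."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True
    except (ssl.SSLError, OSError):
        return False

def update_source_reachable(url="http://creator.zoho.com/", timeout=5):
    """Run on the EventLog Analyzer server itself: can it reach the patch source?"""
    return probe_http(url, timeout)[0] is not None

if __name__ == "__main__":
    HOST = "ela.example.internal"  # placeholder hostname (assumption)
    status, loc = probe_http(f"http://{HOST}:8400/")  # 8400: assumed HTTP port
    print("HTTPS enforced:", https_enforced(status, loc))
    print("Certificate valid:", tls_certificate_valid(HOST, 8445))  # 8445: assumed HTTPS port
    print("Patch source reachable:", update_source_reachable())
```

A self-signed certificate makes `tls_certificate_valid` return False, which is the same warning a user's browser would raise.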

Tips

  • Items like HTTPS, Admin password change, and 2FA are mandatory. Others are highly recommended.
  • You'll receive alerts and popups if anything critical is still pending.
  • Start with the most critical settings (like passwords and 2FA) first.
  • Test major changes in a test setup before rolling them out in your live environment.

Related topics and articles

  • Logon Settings – includes CAPTCHA, password policy, 2FA, smart card login, IP restrictions
 
