Product manual
GFI EventsManager 5 Collecting Event Logs | 121
4. Once the stored events are loaded, search for an entry with:
Source: GFI LanGuard
Event ID: 0.
In case the event log is not created, typically the GFI LanGuard scan was already initiated once the
registry key to output event logs was modified. Re-run the scan. Alternatively ensure that the registry
value was created in the right location as the location for x86 platforms is different from that of x64
platforms.
5.7 Collecting GFI EndPointSecurity events
GFI EndPointSecurity enables you to maintain data integrity by preventing unauthorized access, and,
the transfer of content to and from the following devices or connection ports:
Device Example
USB Ports Flash/Memory card readers and pen drives.
Firewire ports Digital cameras and Fire-wire card readers.
Wireless devices Bluetooth and Infrared dongles
Floppy disk drives Internal and external (USB) floppy drives.
Optical drives CD, DVD and Blu-ray discs.
Magneto Optical drives Internal and external (USB) drives.
Removable storage USB hard-disk drives.
Other drives such as Zip drives and tape drives Internal or External (USB/Serial/Parallel) drives.
Table 38: GFI EndPointSecurity supported devices
Note
For more information about GFI EndPointSecurity, refer to
http://www.gfi.com/endpointsecurity.
Enable GFI EndPointSecurity logging
By default, GFI EndPointSecurity generates logs with information about:
The GFI EndPointSecurity service
Devices connected and disconnected on your network
Access allowed or denied by GFI EndPointSecurity to users.
To configure logging options in GFI EndPointSecurity:
1. From the machine running GFI EndPointSecurity machine, launch GFI EndPointSecurity Management
Console.
2. Click Configuration tab > Protection Policies.
3. From the left pane, select the protection policy and click Set Logging Options.
4. Customize the settings available in Logging Option dialog.