Supercharger Free
Stop wrestling with Event Viewer. Supercharger Free provides:
- At-a-glance, single-pane-of-glass view of the entire Windows Event Collection (WEC) environment
- Pre-built security filters with noise suppression based on Randy Franklin Smith's UltimateItSecurity.com
- Wizard-based create/update/delete/view of subscriptions
- Step-by-step guidance for new WEC implementations
Install Supercharger Free
Single Pane of Glass
Supercharger's manager/agent architecture installs in minutes and displays your global WEC environment on a single
pane of glass. Check the status of event forwarding from your browser or even your phone.
Centrally Manage Subscriptions
Create/edit/delete subscriptions with a click.
Filter the Noise with Help from UltimateItSecurity.com
Pre-built managed filters leverage our deep knowledge of the Windows Security Log. Point and click to create XPath queries that
collect the events you want while leaving the noise behind.
New to Windows Event Collection?
Step-by-step guidance for new WEC implementations
Supercharger Enterprise
Supercharger Enterprise builds on top of Free Edition features:
Supercharger Enterprise expands on this foundation, providing comprehensive
enterprise management of your global Windows Event Collection environment.
Evaluate Enterprise for 30 days - Keep Free Edition
Collector Health
Supercharger monitors every aspect of collector health and alerts you to any issue affecting event log collection
via a color-coded dashboard, events sent to your SIEM and, optionally, email. Supercharger detects
if and when WEC becomes overloaded and begins to drop events, which could result in lost audit trails or allow
intrusions to go undetected.
Subscription Health
Supercharger monitors the status of every source computer for every subscription
in your environment. Supercharger queries Active Directory for membership of each group assigned to a subscription
and compares these computer accounts to the source computers reported by WEC. After filtering out nonexistent,
dormant or disabled accounts, Supercharger shows you which endpoints are sending events and which ones are missing. If
the percentage of healthy forwarders falls below your specified threshold, the subscription goes red and you are alerted.
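The comparison described above can be sketched as follows. This is an added example, not Supercharger's code: the record shapes, the 30-day dormancy cutoff, the 90% threshold and all host names are assumptions, and the sample data is constructed.

```python
from datetime import datetime, timedelta

def short_name(name):
    """Normalize 'WS01$', 'CORP\\WS01$' or 'ws01.corp.example' to 'ws01'."""
    name = name.strip().lower().split("\\")[-1]
    return name.split(".")[0].rstrip("$")

def subscription_health(ad_accounts, wec_sources, now,
                        dormant_after=timedelta(days=30), threshold=0.90):
    """ad_accounts: dicts with name, enabled, last_logon (datetime or None),
    taken from the AD groups assigned to the subscription.
    wec_sources: source computer names the collector reports.
    Both shapes and both defaults are assumptions of this example."""
    expected = set()
    for acct in ad_accounts:
        if not acct["enabled"]:
            continue  # disabled account: not expected to forward
        if acct["last_logon"] is None or now - acct["last_logon"] > dormant_after:
            continue  # never logged on, or dormant
        expected.add(short_name(acct["name"]))
    reporting = {short_name(s) for s in wec_sources}
    healthy = expected & reporting
    ratio = len(healthy) / len(expected) if expected else None
    if ratio is None:
        status = "unknown"  # no active accounts to measure against
    else:
        status = "green" if ratio >= threshold else "red"
    return {
        "healthy": sorted(healthy),
        "missing": sorted(expected - reporting),     # should forward, but silent
        "unexpected": sorted(reporting - expected),  # forwarding, not an active member
        "ratio": ratio,
        "status": status,
    }

# Constructed sample data (hypothetical hosts).
NOW = datetime(2024, 5, 1)
AD = [
    {"name": "WS01$", "enabled": True, "last_logon": datetime(2024, 4, 30)},
    {"name": "WS02$", "enabled": True, "last_logon": datetime(2024, 4, 29)},
    {"name": "WS03$", "enabled": True, "last_logon": datetime(2024, 4, 28)},
    {"name": "WS04$", "enabled": False, "last_logon": datetime(2024, 4, 30)},
    {"name": "WS05$", "enabled": True, "last_logon": datetime(2023, 11, 1)},
    {"name": "CORP\\SRV01$", "enabled": True, "last_logon": datetime(2024, 4, 30)},
]
WEC = ["ws01.corp.example", "WS02.corp.example",
       "srv01.corp.example", "old99.corp.example"]
```

Name normalization matters here because AD account names and the names a collector reports rarely share a format, so a naive string comparison would flag every endpoint as missing.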
Boost Throughput and Stability
Out of the box, a Windows Server is not optimized for dedicated Windows Event Collection, and above only 2,500 events per second (EPS)
we start to see stability issues and dropped events.
Supercharger can automatically optimize WSMan settings, event logging buffers, the TCP/IP stack and HTTP.SYS settings
to increase EPS by multiple factors while almost eliminating WEC instability issues and dropped events, which can
compromise intrusion detection, compliance and audit controls. In our tests we are able to sustain 30,000 events per second.
Load Balancing
What if you have tens of thousands of workstations or hundreds of servers that simply produce more events than one Collector can keep up
with?
Supercharger Enterprise can automatically distribute and balance this load across multiple controllers with
Load Balanced Subscriptions.
Managed Event Log Filters
One of the most powerful features of Windows Event Collection is its ability to define advanced filters that define exactly
which events you want to forward – and those that are just “noise” and should be left behind.
But building these filters requires specialized knowledge of XML query syntax and of the event logs you are collecting.
Supercharger helps you build powerful filters whether or not you know XML query syntax, and we provide special help for the Security Log
thanks to our relationship with UltimateItSecurity.com. Managed filters are where you find these capabilities.
Once you build your filter you can assign it to multiple subscriptions without duplicating it.
Custom Event Logs
To simplify downstream configuration and for optimal performance, you should maintain a one-to-one
mapping between log types and destination logs on collectors. This requires creation of additional custom event
logs, which is a technical and laborious process. Supercharger provides one-click custom log creation.
Purge Old WEC Sources
Event source records build up indefinitely in the registry, which in high-turnover environments becomes substantial.
WEC never deletes old sources. Supercharger can purge old event sources after a user-defined interval.
Policy Based Management
Collector Policies enforce centralized configuration control and can automatically optimize collectors for throughput and dependability.
Subscription Policies ensure subscriptions are configured consistently across your entire environment and allow you to manage
similar subscriptions the same way without duplicating settings.
Security
Role based access control using Active Directory.
Performance Monitoring
Spot unusual activity levels. Supercharger surfaces key performance counters to the dashboard with visualizations that
plot current activity against 7-day peak and average.
- CPU
- Disk free space
- Events Per Second for each destination log
- Events Lost for each destination log
Capacity Planning
Analyze hourly performance stats to predict when additional collectors will be needed. (coming soon)