Creating Wannacry Correlation Rule
Hello I read this document: ransomware solution log360 it mentioned Wannacry detection way, but when i searched about wannacry in predefined correlation reports, it doesn't exist there: screenshot1 So, I have a question, should I create one for wannacry
Low memory detected on Log360's elasticsearch
Hi , I have a problem with EventLog Analyzer: Low memory detected on Log360's elasticsearch, increase the memory to at least 7 GB. Can you help me solve this problem?
Enhancements and Fixes in EventLog Analyzer's new build!
The latest release in ManageEngine EventLog Analyzer includes important enhancements and fixes. Enhancement: The bundled PostgreSQL version has been upgraded to 14.12. Check out the full release notes here. Highlights from other recent EventLog Analyzer
Malwarebytes integration issue
I installed Malwarebytes and it discover some malware and ip addresses which marked as malicious. But when I got to ELA reports -> Threats -> Malwarebytes It says "No report data found." Any ways to show the data?
How to set "log source" for a device?
Hi Team, In my Solaris servers, I want to report on "unsuccessful user logons", but I can only add devices, so my question is, where and what path/file should I set as my data-gathering source? Kind regards Mo
EA Dashboard - Logs Trend wrong Time
i set the wrapper additional to GMT-7, System Diagnostics confirms I have GMT-7 set and shows proper time. But on the Dashboard - Logs Trends widget still shows UTC times. Anyone got any idea how to fix this? TIA Jim..
Problem with EventLog Analyzer License
My subcription to EventLog Analyzer finished on july the 30 2024. I renewed my license the week before the end of this subcription. I received my renewed license before the 30, but this license not working. Each time I try to renew EventLog Analyzer I
Eventlog Analyzer stopped showing Windows events
Our Eventlog Analyzer Server stopped displaying windows event logs. It stopped on the 15th last month, but we did not make any changes. We have agents installed on new windows domain attached system I created today, existing windows workstations/windows
Monitoring EventLog Analyzer
How would you recommend that EventLog Analyzer be monitored to check it is functioning without errors? We want to put in place automated monitoring with our monitoring system to be alerted if EventLog analyzer is not functioning normally.
Leveraging EventLog Analyzer's Threat Intelligence to mitigate risks after the CrowdStrike disruption part 2
Continuation of part 1 Steps you need to do to protect your network from attacks leveraging CrowdStrike Incident: 1. Detection: If you already have the Threat Analytics Add-on, the Default Threat Alert will capture any interaction with the above malicious
Leveraging EventLog Analyzer's Threat Intelligence to mitigate risks after the CrowdStrike disruption - Part 1
On July 19, 2024, a content update from cybersecurity vendor CrowdStrike triggered a widespread Blue Screen of Death (BSOD) event impacting Windows machines globally. Microsoft estimates that approximately 8.5 million systems were affected. The company
how to search the special character like "%" "\"
I have some Nginx access log and want to find some intrusion history. when I search the string like %26%26 the system return me history like 13/Jun/2024:17:26:26 . When I search ..\\ the system report an error Unbalanced quotes found. I try to use \%
Eventlog Analyzer export to CSV really slow..
Hi, I'm sure I'am not the only who noticed this.. Basically I am trying to export a search result about login event that is made up of about 2 million rows. Based on progress I see it should takes few hours to complete. How can it be so slow? Is there
signature
Does the site have a signature section? If so, where do I go to install it? doodle jump
Run workflow failed. Access\Permission denied
Hi, I have a problem with workflow in EventLog Analyzer trial (build: 12411). I run workflow on monitoring device (windows server 2016). I receive the following error: 1. Test service execute failed Error # while using given credential - Access is denied.
Registry alerts
Hello there! I am trying to set up email alerts to notify me about registry changes and access. However, I am unable to get a single message. While I am quite sure I have configured everything fine, as found here, it seems I need to enable some things
PFSense Logs Issue
Hi there, Having issues with PFSense logs. Things seems to be working fine but in Reports (of course under pfSense), it says not device configured. Screenshots attached for reference and guidance. Thanks
Where to add File Integrity Monitoring???
Hi. Using EventLogAnalyzer Version 12.4.1. I added 4 Devices (Windows Servers 2016). One of them is a File Server, one a RDP-Server (Terminalserver). Wanted to view the buildin Standard-Reports. So I switched to the Tab "Reports", choosed "Windows File
Reset Logcollector
I am running Eventlog Analyer 9.0. I am directing both the Archive and the Index to my D: drive but the eventlog.out file has filled my C: drive causing the error “Log Collection & Import has been Stopped. Increase Disk Space and Reset LogCollector to
username "\"
Hi, Could somebody help to understand why do I get authenication attemps with username "\". I have attepts like this for several machines in our domain. I was trying to find any information on this cases on the web, but couldn't find anything. Username
EventLog Analyzer’s 2023 in Review
2023 has been a year of significant advancements and improvements for EventLog Analyzer. With a host of new features, enhancements, and fixes, EventLog Analyzer has fortified its capabilities, offering a more robust and efficient solution for log management
Password reset
I forgot the password for my username (admin). Could you please tell me how to reset the password?
Cannot obtain the SQL Logs
I am encountering some issue while adding SQL Server or MySQL Server into Manage Engine Log Analyser and i may need your assistance on this. Before we dive into the issue, let me Explain the deployment structure so it will be more relevant to the issue
Mikrotik logs unreadable
Hello, I add a Mikrotik in the syslog devices configuration, I get logs, but can't read them, I don't know if the configuration is wrong, I attach screenshot. Hope you can help me. Regards
Commnad Line Audit
How do I audit Command Line through ELA?
Heavy Disk Usage
Hello there, We are facing problems with a huge disk usage of Log360. It's at the same machine with Eventlog Analyzer. Host machine is Windows server. We are looking for a way to purge the data or shrink it or ... . No helpful option in general setting
How to calculate my current events per second?
How to calculate my current events per second?
ELA having more than 20 ms
ESX PROD My ELA server is very slow and I am trying to understand why.
How to configure Syslog in Fortinet Firewall
Kindly help to configure ME ELA in Fortinet Firewall currently we are running with fortios 7.4.0
Unable to read log from the newly added device.
Successfully added the Cisco device but unable to receive logs from it. What to do?
the integration with Log360 Cloud
Hi, I would like to check if the integration with ELA is still available.
Problème export logs
Bonjour, Nous avons effectué hier (08/06/2023) un export des logs sur "EventLog Analyzer > Firewall VPN user Connected" mais les résultats nous apparaissent vides et aucune donnée ne nous est parvenue. Nous avons ensuite vérifié les bases enregistrées
Testing SMS via HTTP (to SendQuick - formally Talariax) in ELA encountered error
Hi My SMS provider is SendQuick (formally name TalariaX). In ELA , my configuration , under System Settings \ Notification Settings \ SMS Settings : a) SMS Provider : wwwwwwwwwwwSMS Service Provider b) Service Type : HTTP c) HTTP(S) Method : Post d) HTTP(S)
Removing Workstations from Server Audit in AD Audit Plus
I just installed Log360 and it populated my workstations automatically. But it pulled a bunch of old disabled workstations from my Active Directoy. I and goto Server Audit and then Configured Servers and Clcik Workstations. Here I try to delete any workstaton
About retention settings
Hi all, As seen in the help page(https://www.manageengine.com/products/eventlog/help/StandaloneManagedServer-UserGuide/AdminSettings/db-storage-settings.html) retention settings of ela, "Current Storage Size" allows us to adjust how many days to keep
About retention settings
Hi all, As seen in the help page(https://www.manageengine.com/products/eventlog/help/StandaloneManagedServer-UserGuide/AdminSettings/db-storage-settings.html) retention settings of ela, "Current Storage Size" allows us to adjust how many days to keep
Analyzer doesn't seem to be parsing firewall logs
I'm trying to send OPNsense (fork of PFsense) firewall logs to the analyzer. However the analyzer doesn't seem to properly parse the logs as firewall logs. Such as it doesn't see the IP's or action etc of the log. It managed to pull the date pretty much.
Zyxel eventlog categories
Hello. I configured my Zyxel Zywall USG100 using this manual As a result, It works. Eventlog analyzer grab events and make report. Unfortunately, I see only 3 categories: Notice Information Alerts Other categories are empty. Also, I see a message column
My EventLog Analyzer often failed
Hello. I have virtual Ubuntu 22.04 (ESXI). I installed EventLog Analyzer Server and ran it. The first-time server doesn't install like the service, but after manual installation, all went well. I run the service and logged in through my browser correctly.
Create alert for device down
Can i create alert notfication for hardware device down ? eg dell network switch is down, i want eventlog analyzer to send email alert to notify us
Next Page