Import alllog from file NFS
Dear Support Team! I configure a shared file containing all the logs of other servers and now how to import all these logs into the files I formatted u01.log, u02.log, u03.log I want to choose *.log, so that later when I configure a new server it will
Create a Workflow to Save Malicious IPs from Fortinet in a Text File
I am looking for assistance in creating a workflow in Log360 that extracts malicious IPs detected by the Fortinet firewall and saves them in a text file at a specific network location. Workflow Requirements: Data Source: Alerts generated by the Fortinet
ManageEngine EventLog Analyzer Cost for Managing two SQL Server
Please provide cost implication for monthly to monitor two SQL Servers
Asset coverage and retention evidence
I have the requirement to provide evidence for both Asset coverage and retention period. Are there any existing dashboards, reports or searches that can compare assets (Windows server) to OUs in Active Directory? Also, I need t be able to prove the retention
L360 Possible Worm Activity
Hello. We are new to managed engine products including L360. We actually just went live with L360 yesterday and had a few alerts on possible Worm activity. However, we think this is just the bios installing as we have done a few test and alerts from these
Alert Criteria - Null field
Is it possible to add a match against a null field when building the Alert Criteria in an Alert Profile?
Alert Criteria - Null field
Is it possible to add a match against a null field when building the Alert Criteria in an Alert Profile?
TLS Encryption Support for Log Forwarder
I am currently configuring the log forwarder in ManageEngine EventLog Analyzer and would like to know if it supports TLS encryption for secure log transmission. Could you please provide information on whether this feature is available and, if so, any
Log File Format and Placement in EventLog Analyzer
I would like to know if EventLog Analyzer keeps log files for all the logs it receives, such as logs from Windows devices. Additionally, could you please provide information on the format of these log files and their exact placement within the program
Permission to push Windows agent
When trying to install the Windows agent from the agents screen it's failing every time. I have a service account configured in ELA and on each server the use is a member of DCOM and Event Reader local groups and has the correct cimV2 namespace permissions.
How to extract fields
I've been trying to extract fields. In the "Extract Additional Fields" config I can successfully set up the fields but it is then unable to match these in any logs. Not sure what I'm missing here. Are there any more detailed resources to read or any common
failed upgrade
Hi, We have installed eventlog analyzer: Build Version :12.4.7 Build Number :12477 Service Pack :SP-12.4.7.7 Database :POSTGRES Build Date :Sep_12 Build Type :64bit Installation language :English In an attempt to upgrade the version to 12.5.0 the process
Eventlog Analyzer not starting
Eventlog Analyzer service cannot be started. When I tried to start the service it did not start "run.bat" because of EAService failure. See the below Log: Starting Server from location: C:\ManageEngine\EventLog Analyzer This copy is licensed to *****
CSV File Report when e-mailed shows blank fields but when clicked on it appears
Hi have a simple report that is e-mailed to me daily. The CSV file contains the information in the Message field but is not visible until you click on the field and it appears in the title bar. See picture below. Notice the cell is blank but the title
Encryption algorithms
Hi, I work on Manage Engine Soutions on behalf of a customer, and we would like to know which is the encryption algorithm used for archive encryption? How is the integrity checked? I search on EventLog Analyzer documentation and on the internet, without
windows agent is running ,but Manage Devices not shown devices
ManageEngine EventLog Analyzer agent service is running SysEvtCol.exe is running Also regedit shows configure is right
Security advisory for remote code execution vulnerability (CVE-2022-1471) in ManageEngine EventLog Analyzer
Security advisory for remote code execution vulnerability (CVE-2022-1471) in ManageEngine EventLog Analyzer Vulnerability Details Product name EventLog Analyzer Severity Low Affected software versions 12523 and 12524 Fixed version 12526 Fixed on 23/12/2024
Web interface not showing any data.
My client's ELA is currently suffer an unknow problem where collected data are not showing in the web interface, and it's showing " Some data are still being loaded by the search engine. Please wait for the process completion.". We rested the ELA once,
Creating Wannacry Correlation Rule
Hello I read this document: ransomware solution log360 it mentioned Wannacry detection way, but when i searched about wannacry in predefined correlation reports, it doesn't exist there: screenshot1 So, I have a question, should I create one for wannacry
Low memory detected on Log360's elasticsearch
Hi , I have a problem with EventLog Analyzer: Low memory detected on Log360's elasticsearch, increase the memory to at least 7 GB. Can you help me solve this problem?
Enhancements and Fixes in EventLog Analyzer's new build!
The latest release in ManageEngine EventLog Analyzer includes important enhancements and fixes. Enhancement: The bundled PostgreSQL version has been upgraded to 14.12. Check out the full release notes here. Highlights from other recent EventLog Analyzer
Malwarebytes integration issue
I installed Malwarebytes and it discover some malware and ip addresses which marked as malicious. But when I got to ELA reports -> Threats -> Malwarebytes It says "No report data found." Any ways to show the data?
How to set "log source" for a device?
Hi Team, In my Solaris servers, I want to report on "unsuccessful user logons", but I can only add devices, so my question is, where and what path/file should I set as my data-gathering source? Kind regards Mo
EA Dashboard - Logs Trend wrong Time
i set the wrapper additional to GMT-7, System Diagnostics confirms I have GMT-7 set and shows proper time. But on the Dashboard - Logs Trends widget still shows UTC times. Anyone got any idea how to fix this? TIA Jim..
Problem with EventLog Analyzer License
My subcription to EventLog Analyzer finished on july the 30 2024. I renewed my license the week before the end of this subcription. I received my renewed license before the 30, but this license not working. Each time I try to renew EventLog Analyzer I
Eventlog Analyzer stopped showing Windows events
Our Eventlog Analyzer Server stopped displaying windows event logs. It stopped on the 15th last month, but we did not make any changes. We have agents installed on new windows domain attached system I created today, existing windows workstations/windows
Monitoring EventLog Analyzer
How would you recommend that EventLog Analyzer be monitored to check it is functioning without errors? We want to put in place automated monitoring with our monitoring system to be alerted if EventLog analyzer is not functioning normally.
Leveraging EventLog Analyzer's Threat Intelligence to mitigate risks after the CrowdStrike disruption part 2
Continuation of part 1 Steps you need to do to protect your network from attacks leveraging CrowdStrike Incident: 1. Detection: If you already have the Threat Analytics Add-on, the Default Threat Alert will capture any interaction with the above malicious
Leveraging EventLog Analyzer's Threat Intelligence to mitigate risks after the CrowdStrike disruption - Part 1
On July 19, 2024, a content update from cybersecurity vendor CrowdStrike triggered a widespread Blue Screen of Death (BSOD) event impacting Windows machines globally. Microsoft estimates that approximately 8.5 million systems were affected. The company
how to search the special character like "%" "\"
I have some Nginx access log and want to find some intrusion history. when I search the string like %26%26 the system return me history like 13/Jun/2024:17:26:26 . When I search ..\\ the system report an error Unbalanced quotes found. I try to use \%
Eventlog Analyzer export to CSV really slow..
Hi, I'm sure I'am not the only who noticed this.. Basically I am trying to export a search result about login event that is made up of about 2 million rows. Based on progress I see it should takes few hours to complete. How can it be so slow? Is there
signature
Does the site have a signature section? If so, where do I go to install it? doodle jump
Run workflow failed. Access\Permission denied
Hi, I have a problem with workflow in EventLog Analyzer trial (build: 12411). I run workflow on monitoring device (windows server 2016). I receive the following error: 1. Test service execute failed Error # while using given credential - Access is denied.
Registry alerts
Hello there! I am trying to set up email alerts to notify me about registry changes and access. However, I am unable to get a single message. While I am quite sure I have configured everything fine, as found here, it seems I need to enable some things
PFSense Logs Issue
Hi there, Having issues with PFSense logs. Things seems to be working fine but in Reports (of course under pfSense), it says not device configured. Screenshots attached for reference and guidance. Thanks
Where to add File Integrity Monitoring???
Hi. Using EventLogAnalyzer Version 12.4.1. I added 4 Devices (Windows Servers 2016). One of them is a File Server, one a RDP-Server (Terminalserver). Wanted to view the buildin Standard-Reports. So I switched to the Tab "Reports", choosed "Windows File
Reset Logcollector
I am running Eventlog Analyer 9.0. I am directing both the Archive and the Index to my D: drive but the eventlog.out file has filled my C: drive causing the error “Log Collection & Import has been Stopped. Increase Disk Space and Reset LogCollector to
username "\"
Hi, Could somebody help to understand why do I get authenication attemps with username "\". I have attepts like this for several machines in our domain. I was trying to find any information on this cases on the web, but couldn't find anything. Username
EventLog Analyzer’s 2023 in Review
2023 has been a year of significant advancements and improvements for EventLog Analyzer. With a host of new features, enhancements, and fixes, EventLog Analyzer has fortified its capabilities, offering a more robust and efficient solution for log management
Password reset
I forgot the password for my username (admin). Could you please tell me how to reset the password?
Next Page