Icons Not Displaying
With the exception of Windows and the first device added for Linux and Cisco devices, the icons for our devices are not displaying properly in the host list. They display as indicated below. The problem appears to be a bad hyperlink. An example of a hyperlink for logos that displays properly is: https://servername:8400/event/images/logo_linux.gif. The ones that do not display properly have a hyperlink similar to this: https://servername:8400/event/images%5C%5Clogo_linux.gif. Is there a way
Urgent Problem. EventLog and Application Analyzer problem
There have three problem on my EventLog and Application Analyzer. 1. EventLog Analyer will always have the high network traffic. - The manager can be collect more than 500MB date on each server on each day. 2. EventLog and Application Analyzer will indeterminate to shutdown the services. - Analyer Manager will shutdown the service or the web page could not be show the login page. - EventLog Manager will shutdown the service and could not be restart the service on Windows Service. 3. High resource
Folder Univindexes grow up quickly
Hi, Please I need your advice. Currently I have EventLog analyzer installed in a server with 200 hosts set up. We kept all the reports in a different drive than the OS with 250 GB, but this drive grow up every day quickly and we have 90% of the disk full in especially the folder Eventlog\Server\Default\indexes\Univindexes\hot . How many space do you recommend me for kept the reports with 200 host or more? It's possible reduce the size that every day generate the reports. My current Build version
Logs in SIEM plug-in of OpManager
Hi everyone, I want to know once I install a new software on Windows machine, can SIEM plug-in help me to fetch logs relate to this process? And if it supports, then where will it show on Eventlog plug-in interface? Please advise. Thanks, Hien
Usage question
It's possible I'm trying to use this software for something other than it's intended, but I'm hoping someone can point me in the right direction. In a nutshell I have a security.evtx file from a computer which I need to examine and find any remote desktop sessions referenced. I can see how to set up custom reports to look for the event ID of interest, however when it comes to the date range it seems limited to only the last month. The log I'm examining contains data from 2005 to 2011. The preset
Host Down Alert
Using the "host down" feature. If I set the alert for one hour and receive an alert - that means it didn't collect any information for that hour, right? Not necessarily that the host is down. Will I continue to get an alert every hour if I don't receive any logs or is it a one time deal? Thanks in advance for your help.
User Report
Good afternoon. When I click on any of the three user activity reports and try to edit the hosts, I am unable to do so. When I click in the box to type in the host name, it doesn't work -- it is almost like it is greyed out and unable to be used. Additionally, there are no available users to select from on any of the reports. Running build version 10, build number 10001. Accessing via IE11. License Type - Premium Thanks in advance for your help.
Migrating from postgress to MS SQL fails every time; no support either
Hello I tried to migrate several times from Postgress to MS SQL, I followed step by step the migration instructions in the FAQ but no luck. It seems that everything is ok but when I restart ELA nothing has been imported/restored I also tried to contact the support via email and phone several times (5 at least) but I received no call backs or replies. Can you kindly provide clarifications or support on this matter? Thanks and best regards Saverio
Use PosgreSQL for ELA
Hi, I would like to use a dedicated server as backend for ELA instance. I don't found the steps in order to achive that. I try using changeDBServer.bat like MSSQL process. The new database was successfully created but whem I start ELA service, no connection was made on new PG server. Thanks you. TI PS : The service didn't start because when it start, it try to create the database on the PG server. So, I drop database and restart the service. ELA work fine but not longer. If I try to stop ELA service
Get Old Month Report
How to get old month report from event log analyzer. I have already set the DB retention 90 days. I required previous 1 year old data.
Service for ManageEngine EventLogAnalyzer 10 - Agent shutdown automatically
After upgrading to version 10, FMS(ManageEngine EventLogAnalyzer 10 - Agent ) service on remote server (2012 Hyper-V) are automatically shutdown. I opened a ticket with the support group and per their instruction, I uninstalled and reinstalled the agent but unable to fix this issue. I provided them following event log. Log Name: Application Source: Application Error Date: 4/30/2015 9:08:51 AM Event ID: 1000 Task Category: (100) Level: Error Keywords: Classic User: N/A Computer: NB01SRV02.empire.local
Edit user groups
I see the feature to add user groups, but there doesn't appear to be a way to edit the groups to add or remove members after creation. Am I simply missing this, or is there not a way to edit group members after creation?
Upgrade ELA to use tomcat 7 or 8
Currently ELA uses Tomcat 6. Tomcat 6 is an ancient standard, written for Java 5.X compatibility and was released in 2006 (8 years ago at opening of this topic). Tomcat 6 does not support ANY cipher suites (besides insecure SSLv3) currently on offer by IE11 in Windows 8. This problem will only get worse as older cipher suites utilizing the insecure RC4 standard (which IE11 does not support as of Windows 8.X IE11, these are still supported in IE11 for windows 7) are disabled in Firefox and Chrome
weak ephemeral Diffie-Hellman public key
Started getting this warning this morning when I try to log into the web interface. This error message is shown in both Chrome and Firefox. I can login with IE without any issues. Have a call into support but was wondering if anyone else had any issues like this. Thanks. -Dan
about old version
hi guys, I want to migrate from server 2008 with ELA v 8.6 / 8063 to win server 2012 and continued upgrades v 10 What ELA 7 compatible version with win server 2012? if it is not compatible , then I have to replace the server 2008 win , what version 7 is compatible with server 2008 ?? thanks
Log Monitoring
I've have ELA collecting logs from a bunch of UNIX hosts. Is there a way to set up an alert if I am no longer receiving those logs? I'm trying to do is get an alert that tells me a server is removed from service, for whatever reason, or that ELA is no longer receiving logs from a certain host..
User Based Report
Good afternoon. When I click on any of the three user activity reports and try to edit the hosts, I am unable to do so. When I click in the box to type in the host name, it doesn't work -- it is almost like it is greyed out and unable to be used. Additionally, there are no available users to select from on any of the reports. Running build version 10, build number 10001. Accessing via IE11. License Type - Premium Thanks in advance for your help.
Security Event log not importing correctly
I'm not sure exactly but when I try to import a security event log the settings section under 'Report Type' just continually shows 'in progress' and every few seconds the screen refreshes but it never seems to finish importing the file. Have left it running for a good 20 minutes and it's only a 9mb file so would have thought it would be fairly instant. Also the import time field is unpopulated. I have tried running searches for event ID's which I know exist but get no results which would suggest
import log from wan network device ...ip valid ....
hi Does the manage engine event log analyzer software , in part of << remote import log >> , import log from out of local network? host ip is valid. thanks masoud
Use MSSQL database for ELA
Hi, In order to consolidate our databases, we need to use our MSSQL server and not built in pgsql. Could you give me the steps to do that ? Thanks you. TI team
cant remote import log of local network host
hi i want remote import log of apache web server .. But after entering the specifications, in the "select remote file" field , this eroor showes : ::::::::::::: Failed due to either wrong username and password (or) the server may be down! :::::::::::::::::: I am sure I have the correct username & password. please help me. thanks masoud
ManageEngine EventLog Analyser port 514 not opened.
Hello, I have a strange problem. I installed the latest version of ManageEngine EventLog Analyser: Build Version :10.7 Build Number : 10073 Service Pack : - Database :POSTGRES Build Date : Nov_18 Build Type : 64bit However the port UDP 514 is not opened. By default the syslog server should listen to that port. How can I open it? I am successfully receiving logs from windows machines but not from linux machine. netstat -na gives me that the port 514 is not listening. UDP 0.0.0.0:513
can not set log alert apache in manage engine event log
hi all i can not set alert for apache host ... I am faced with an error. error massage ::::::> ..... Message : com.adventnet.sa.server.nf.NotificationManager.addProfile(Ljava/lang/Long;)V Stack Trace : Stack Trace is not available. please help me thanks
Objet mail rapport
Bonjour, Nous rencontrons des difficultés à modifier les objets de mails envoyés pour les rapports. Actuellement, l'objet du mail des rapports générés est : "EventLog Analyzer Reports - $NomsduRapport". Nous voudrions changer cet objet avec juste le nom du collecteur ayant généré le rapport. Avez-vous une procédure pour cela? Cordialement, Alexandra
web server analyze in manage engine event log analyzer
hi all how to analyze web server logs ...for example apache , .... in manage engine event log analyzer. please help. thanks masoud
Major Service Interuption
It was unfortunate that we were taken down by an unprecedented storm early today and the locality of our offices are flooded, that we could not resume to work. However we will look in to your requests with highest priority and will get back to you at the earliest. Thank you for your understanding. - Eventlog Analyzer Support
Track event ID occurrances per user per minute
Is there a possibility to create an alert that will notify me if same user delete 10 files or more in one minute? File monitoring is up’n’ready, but if I create alert on event ID 4659 (Object deleted) it will notify me based on occurrences of event ID. I need to track if any user on domain deletes more than 10 files per minute.
Report Alert
Hi, I would like to get one automatic report with Login of autentication of all user of my domain. I did one but I can see the user system (PC16$,SYSTEM,DWM-2,DWM-1,DWM-3), I want only the user What Can I do to get this relatorio by email with this information?
SQLServer DDL Auditing Report empty
I am testing Eventlog Analyzer 10.7. I have setup Audit object and Audit specification for the MSSQL server I'm trying to monitor as instructed by ManageEngine's documentation. Unfortunately, the SQLServer Reports do not compile ("no data available" it says). On my SQL server I have created databases and tables, dropped databases and tables, changed tables--but nothing shows up in the Eventlog Analyzer reports. I see events in the Application Log on the server and if I do a custom search in Eventlog
Hyper-V log are not collected
I have hyper-V server 2012 R2 with Hyper-V log enabled, but I can't see them in ELA. What am I missing?
Can't login into Eventlog Analyzer Application
Hello Team, I currently experiencing problems logging into the EventLog Analyzer application. The login screen is continuously shaking thus i can't enter my login credentials. Please help. Jesse
Alert - same ID, same User - number of occurrences
Is there a possibility to create an alert that will notify me if same user delete 10 files or more in one minute? File monitoring is up’n’ready, but if I create alert on event ID 4659 (Object deleted) it will notify me based on occurrences of event ID. I need to track if any user on domain deletes more than 10 files per minute.
No events for Linux and Solaris
I am evaluating EventLog Analyzer (ver 10) for possible purchase. I have added 1 windows box (2012), 1 Solaris (10) and 1 RedHat Enterprise Linux (6.4) as a test. All 3 boxes are streaming their logs to the analyzer and the traffic shows up in the syslog viewer. However only the windows events show up in the dashboard and host counters. I manually generated some events (Linux and Solaris) such as "su" I see the "su" event show up on the syslog window but nothing ever populates anywhere else. Can
How to analyze Checkpoint firewall with ELA
Hi all, I need to configure ELA to analyze Checkpoint firewall (Gaia OS) Which is the best way to do this? I need to import firewall logs into ELA server or is there a better solution? Best regards, SL
Access Denied to Windows 10 computer
I have gone through all the steps indicated to fix "Access Denied" with no success. The system denying access is a Windows 10 Pro 32 that was upgraded from Windows 7 Pro 32. Is this a common issue or are there known fixes?
Manage Engine Log Analyzer Log Collection issue
Hi i have a manage engine log analyzer installed. problem I am facing is that I was unable to pick hosts and if hosts are manually added then it doesn't collect any events in dashboard. It keeps scanning but doesn't show anything until I import logs of some other machine in to the software. I was unable to understand this behavior plz help
Unable to delete a host
Hi I've tried several times to delete a host in EventLog Analyser, but the hosts still remain. Restarted server, service, etc, still unable to remove. Has anyone come across this and, if so, have a solution? Cheers
Forward logs to another log server (real time)
Hi, I need to know dose the EventLog Analyzer has the capability of forwarding logs to another Logserver in real time. Thanks,
get log of wm & esx server
hi i have a esx server and i want esx server logs and send to manage engine event log analyzer. what should i do? thanks masoud
mikrotik log analyze
hi all I am using the software manage engine log analyzer, Despite the router configuration router, but not send any logs for Syslog server. why??? please help me. Thanks & Regards Masoud
Next Page