Import log on ELA
Hello, I try to import log with ftp scheduling every day but the log doesn't change it still static Regards Ahmed
Cannot import logs of any type except Windows Event Logs
I can't seem to import logs of any type other than Windows Event Logs - I only have 2 Log Formats to choose from: Windows Event Log and Eventlog Analyzer Archive. I have tried adding my own Log Format Name, but the import simply returns to the 'Imported Log Files' window with no results. Has anyone had this issue?
Exclude by Event ID
Is there a way to create an alert profile, and exclude based on Event ID? A simple example would be: "alert on all errors except those with Event ID 125" Thank you
SSL Setup and Configuration of EventLog Analyzer
Could I have updated instructions on configuring SSL functionality to the Eventlog Analyzer web interface? There are directories and references in the Instruction Manual that do not exist. Here is a copy of my server.xml from the C:\Manage Engine\Eventlog\conf\ folder. I was able to produce the certificate and have it in the C:\ManageEngine\EventLog\server\conf folder because I did not see the manual's referenced location. Thanks, Joel
Import SQL Log on ELA
Hi We create an admin account on SQL SERVER then try to import log sql but an error occurred display that the username and password is wrong or the server is down Regards Ahmed
Importing logs. When they fail, they just stop and you have to set them up again.
Hi, I am importing logs from the local host. I set the job up to import daily. It imports OK until it hits a problem and then says import of log file failed. The trouble is you then have to set up all the import jobs again. It would be better if when they failed one day, it just tried again the next. Steve.
Difficulty Importing Logs
Hi, have installed EventLog Analyzer, I want to use it for forensic purposes reviewing syslogs which are already collected manually and placed in a directory on my localhost. Therefore I do not want to pull it from an external host or from live feed on the localhost. I have tried the import log function and assigned to localhost as the server. Used the browse feature to select the specific syslog and selected import, this did not work as I received an failed to import log error. I then dropped the
Best solution for large amount of data
Hello. I need to deploy a distributed log management solution (two logical locations plus a centralized log aggregator) which must handle 1.500 log sources, 20.000 events per second (with a peak of 150.000 events) and an average daily storage of 100GB. What would be the best deployment scenario for the EventLog Analyzer? Is the limitation outlined in this post still applicable? Many thanks in advance. -- Francesco
Detailed Application Reports functionality disappeared
Have been monitoring one Host and one Application (print server) for about a month. The Print Application reports disappeared this morning. How do I get the past month's Print Log data back ???
report export encoding problem
when we make report "Event detail for...." we have correct page with russian text, but when we press button export to PDF or CSV we have not correct messages in this report(after export). Russian characters are displayed incorrectly, for the letters we get "????? ?? ?????" how we can fix it ?
how to stop polling windows host
I have windows agent installed on host and working but server still polling this host and I see connections from server in security log. How can I stop polling for prevent unnecessary network traffic?
snare for windows and ELA. Log format.
Can ELA interpret SNARE for Windows agent messages as windows events? What must I do for this? Now I see all messages as UNIX syslog.
Error after starting EventLog Analyzer - "Log Collection has Stopped. Increase Disk Space and Restart"
Log Collection has Stopped. Increase Disk Space and Restart - Free space is over 65GB --- restarted and still gives the error ??? help !!!
Threshold and polling interval
Hi , can anyone help with the Threshold values and Polling interval for Event log analyzer
Exclude events from view in ELA
Hi everyone. I am using ELA and want to know if I can exclude events from view. When I view a list of my hosts I can see a number of Errors, Warnings, Failures, Others and a Total of all events. I click on the link of errors for a particular server and a window opens showing me all the Error events for that server. In that view I can filter for events from a particular source, type or event ID etc etc. In my circumstance, I am looking at the Error events for an RDP server. 99% of the errors
Problem of starting service eventlog
i have an issue when i started the service of eventlog analyzer on windows 7 32 bits the service stopped automatically so could you help me to resolve this issue Regards
Problem starting EventLog Analyzer on Windows XP
Hello, I've trouble experience during start the first time. I get "Previous start failed. Please, Reinitialize DB and restart server. Problem while Starting Server. System halted", after that the service change its state to stopped. Also I tried to restart Windows, but the problem still yet! How can I do to solve that problem? Thanks in advance!
Event filtering
I'm wondering if there is a way to do this or if this is a planned feature. Basically what I would like to do is in the case of say, failed logins, I want to see if I have 5 failed logins in 15 minutes, but I would like to see this only if all 5 are from the same user. I don't see any option to do this currently. Am I missing this or is this not possible currently?
Rollover icons need better triggering
The icons that pop up when you roll over various items are entirely too small, for example, the alert icons are so tiny you have to pinpoint the graphic exactly in order for it to trigger. This is the same for the icons in the host section as well. These icons are incredibly small and require far too much precision to be able to click on easily. please make either the detection around the icon larger, or just make the icon itself larger to enable easier clicking.
problem of display windows log
Hi I can't understand the content of eventlog windows characters are emerged as the tiles the windows log display in eventlog analyzer is in french see below other than that if i want to extract field i can change the field value still ignore Regards
Change MSSQL credentials
Hello guys, I'm currently using Eventlog Analyzer with MS SQL. I'm using SQL authentication mode to authenticate to the SQL server now. Is it possible to change the SQL authentication to Windows authentication (use a domain account instead of a SQL local account) to authenticate to the server? Regards, Harvey
Filtering on logon type
Need to create reports and alerts for successful Windows logons, filtering out specific logon types. Specifically only want to see successful logon (event id 528 & 540) for user 'administrator' for logon type 2 (Interactive) and logon type 10 (RemoteInteractive). Can you suggest the best approach?
X:\Manageengine\EventLog\server\default\indexes\univindexes\hot folder is growing FAST
I'm currently collecting logs from 48 windows servers and 2 syslog devices using this version: Build Version : 8.5 Build Number : 8051 Service Pack : - Database : POSTGRES Build Date : Apr_25 Build Type : 64bit Language of Installation : English In 5 days the folder has grown to 114GB. PCI requires 90 days of log available at ALL times. In order to maintain this amount of data it would require 2.0TB. I need to understand if this growth is an issue or something I can expect.
bin/SysEvtCol: free(): invalid pointer: 0x09038548 ***
Hello, I'm currently reviewing different log parsing solutions, your solution looks good but I can't manage to make it work. Your internal syslog daemon seems to crash. When I use the init.d script everything looks fine but the SysEvtCol is not started. When I use the run.sh script I have the following error : *** glibc detected *** bin/SysEvtCol: free(): invalid pointer: 0x09038548 *** If I execute runSEC.sh I have the same error : ./runSEC.sh -loglevel Loglevel for Event Analyzer data collector
Exception in thread "main" java.lang.NoClassDefFoundError: com/adventnet/mfw/BackupDB
I'm trying to run the backup, but I'm not getting this error message appears: Exception in thread "main" java.lang.NoClassDefFoundError: com / AdventNet / mfw / BackupDB Tiago Toledo - Bigode Blog: http://www.pastelariadigital.com.br
Add agent less Windows host ok but cannot collect event
when add agent less windows host it add successfully but no event collected and when hit scan now it is failed with access denied error it search in logs and find this error Windows based Host MESSENGER : Scheduled for DC for interval c314f7 10 Inside RunWMIOnce ... Inside RunWMIOnce ...0 Assigning RUNNOW thread 0 to host MESSENGER for WMI poll Event collection started for host MESSENGER at thread 903 Log collection started for Host : MESSENGER Query Fails, Error fetching win version 80070005
How to import multiple log files from remote host
Hi, i have to import Oracle .aud logs file from a remote host via SSH. I have multiple files because Oracle create a file for each process, all in the format aud_* (the * indicates the process ID). how can i import all logfiles? I have to set a correct name-changing pattern? and how can i schedule my import? thanks a lot Andrea
Windows 2012
We seem to be having problems enabling the event log analyzer to connect to a new Windows 2012 server box. The system is working fine connecting to 2003 and 2008 boxes. The error code being received is 80070005 access is denied. If I look at the events on the 2012 box I can see a successful login is carried out followed by a log off straight after event-id 4624 and 4634. I have checked the firewall logs and there doesn't appear to be anything blocked. Andrew
Update to build 8050 and lost icon device
I upgrade build 8000 to 8050. But I lost the logo device. I had created a new logo for my switches and when I update lost these new logo and the default cisco_logo and unix_logo are lost too. I don't know, what is the issue ? let me know anything, Miguel
Interval Time not refresh Automatically
In Dashboard/Hosts/Applications View the Interval Time not refresh. I must select last day, last 24hour or something in order to refresh to real time. Why ?? If i press F5 to refresh my browser the time no update Please let me know anything Regards Miguel
How to search Event logs using basic command Logon type =3 BUT no username
Hello, Real Quick how to search in the search field using basic commands: logontype =3 but don't want to display Event.log.analyzer username what will be the next syntax.
How do I setup alerts on FIM?
I've setup FIM successfully. In order to pass PCI requirements I will need to receive alerts. How do I setup those alerts?
Import HP-UX server logs
I can not import logs from Unix servers (HP-UX) with Event Log 8.5. I have a message " Not available" I sent my reports and configuration information from my servers, in specific the files "syslog.conf" and "services", both files are in /etc folder. But I have not received answer. Thank you
EventLog Analyzer 8.5 build 8051 AD authentication is failing.
Build Version : 8.5 Build Number : 8051 Service Pack : - Database : POSTGRES Build Date : Apr_25 Build Type : 64bit Language of Installation : English Local auth works fine.
ELA to monitor Oracle Logs
I would like to know how I can Configure ELA to monitor Oracle running on a windows box. I have added the Windows host to ELA and it is pulling the events from the box how do i also include the oracle logs. thanks
Broken after Windows upgrade
I upgraded to 8.5 on Windows, and the service failed to start. I was able to start the app from the shortcut. I uninstalled the update, and now I can't even start the updatemanager to reinstall the update. Can I reinstall the entire 8.5 and have it recognize my license, or do I need to start reinstalling from my old version and add all the patches again?
Is it possible to capture all windows event logs from computers?
Hi. As far as I know event log analyzer only collects the computer event logs for the current date that the system is working on. Just want to know if it is possible to collect all event logs from computers. Let's say all event logs in computer from the time windows was installed. If the computer is 3 years old then capture all event logs from 3 years ago up to now. thanks in advance for your help Roger
Is there an option to migrate existing Eventlog Analyzer from built in database to MS-SQL
Our eventlog manager installation has outgrown the drive it is on. We would like to migrate the installation to a new drive. We were thinking that now would be the time to migrate to MS-SQL since we are primarily an MS SQL shop. Is it possible to migrate an existing installation over to MS SQL? If not, is it possible to migrate an existing installation over to a new drive?
can't add host due to permission error
I have two windows domain controller servers. Due to company security policy, I don't want to give administrators group permission to the monitor team. When I assign backup operators group permission, it will show an access is denied error, but following the error log, I can use the backup operators group to access admin$ and c$, so the path is correct. When I give them the administrators group, everything is fine. I want to know what kind of permission is needed.
A security package specific error occurred. 0x80070721
Hi All, Has Any one come across the above error message when trying to add or edit a host. This error is coming only for one host. The host is a windows 2003 server and the EventLog Analyzer is running on a Windows 2003 server. Eventlog Analyzer is ver 7 and x64 bit. Thanking you Rg Palcops