Change the format of the reports??
Hello, I wonder if you can change the format of the reports. I want to remove the logon ID field. For example: the image is of a user logoffs report; in the report the same user appears several times with the same details except for the logon ID, as shown. I want the user to appear only once, with the time it closed its session, when he finished his work schedule.
don't show me information about the failed login or Unsuccessful Login Attempts...
Hello, I need to monitor Active Directory. The report shows everything: accounts created, disabled, password reset, etc. But it does not show me information about failed logins or Unsuccessful Login Attempts. Why? I have EventLog Analyzer version 7.2.
How to access archive events?
Hello, I am completely new to the EventLog Analyzer application so please bear with me. The company I work for has requested event information for a specific user to find out when they have logged into the domain. Having played with the application for a short while I managed to create a report to look at login events for the user in question - the problem was I could only go back around approx 30 days. They wish to look at events going back to December 2011 so my question is how do I go about searching
Event Log Analyzer High CPU % After latest update
Since updating ELA to the latest build, we are constantly getting Java32.exe at 100% messages. We need this resolved ASAP as it's driving us crazy. Server 2008 R2, SP1 4GB RAM (MySQL Buffered to 1500M) 1 x Intel Xeon 2.8GHz
EventLog Analyzer 7.2 versus windows firewall
Product version EventLog Analyzer 7.2. EventLog server connected to the domain. Unable to get logs from a stand alone server, win 2008 r2 64 bit, which is not part of a domain. Authentication fails. Used the admin account from that server as well as the account that is used for log gathering, "log viewer". Problem seems to be with the windows firewall configuration on that stand alone server (cause tried with another one without firewall, result is OK). What service should be allowed to connect to on the
Performance Testing - Windows
Our performance group is trying to capture the impact of event collection on our Windows hosts. Specifically, what service(s) on a Windows host are impacted during the collection & sending of events to the Event Log Analyzer server?
Manage Engine ELA Java Heap Space errors
I am getting Java Heap Space errors when trying to run very small custom reports (less than 400 events on a single host). We are running Manage Engine ELA v7.0.0 on a Windows 2008 64-bit server. What is the recommended solution to this issue? Message : Java heap space Stack Trace : Stack Trace is not available JVM Memory Information Total JVM Heap Size 502 MB Used JVM Heap Size 368 MB Free JVM Heap Size 134 MB Max Memory For JVM 502 MB Processors available to JVM 8
Using SQL Database for backend - Questions
I am thinking about using our MS SQL server as the database for our EventLog Analyzer install. I have a few questions about this: 1. What happens if the MS SQL server goes offline? Will the EventLog Analyzer hold the data locally until the database server is back online or will the events be lost until the SQL server comes back online? 2. Will Eventlog Analyzer automatically reconnect with the database when the SQL server comes back online? 3. Will Eventlog Analyzer still Archive events from
Need a report to pull the total and per user lockout totals for a custom period from the domain.
Need a report to pull the total and per user lockout totals for a custom period from the domain. I do not want the events listed, just a Total and Per User total. Example: Total Locked out users for Custom time period is = 296 Users Locked out Jdoe = 7 times Jdane = 10 times jsmith = 5 times and so on. Is there a report to do this? I am running Event Log Analyzer 7
Eventlog Analyzer on Redhat 6 - (Time is off by 1 hour)
System time is correct. All time stamps for alerts are off by 1 hour. Checked all settings with time regarding operating system and check traffic going to and from NTP server. The alerts are timestamping 1 hour from the time the event actually happened. Any assistance regarding this would be appreciated. This is a brand new install with the latest version. Just downloaded on September 8, 2011.
EventLogAnalyzer7.0 64bit cannot run in CentOS6
RT, because CentOS6 had the rsyslog default, not syslog.
export to csv problem
Hi, I've been struggling for a very long while trying to export a custom report in csv in order to analyze it with excel or access. What tricked me was the almost inexplicable behaviour of the exporting engine, which usually breaks some records by inserting crlf followed by some "explanatory" data, then following with the rest of the record content. Apparently, this behaviour is due to the fact that the exporting engine does not consider that exporting to csv does not need to be formatted as a "printable
Save Queries to CSV File
I am trying to save the results of my query to a csv file. Here is a sampling of the following command: select * from archives into outfile('c:\archives.csv') I never received an error message, however the file is never created. Thank you for your help.
Create Table via Web Interface to MySQL
I am attempting to create a custom database and tables, but I keep getting a syntax error. Here is the command: CREATE TABLE test (name VARCHAR(20)); Please help.
No Data Found?
Recently when using EventLog Analyzer, when we click on a particular service, event, count, etc., anything that would bring up the detailed pop-out window, the pop-out window says "No Data Found". Regardless of time frame or range, same thing for everything. Any ideas? I'm not sure where to begin.
BackupDatabase
Hello, I have questions regarding the backupdatabase script in EventLog Analyzer. I don't know which script I can use to do a backup of the database. There are 2 there: 1) Eventlog/tools / backupdatabase.bat 2) Eventlog/troubleshooting/backupDB.bat 1) What is the difference between these 2 scripts, and which script should I use to do backup and restore if there is any future problem with Eventlog? 2) Why do I need to stop the Eventlog server to take a backup? Can't I do a realtime backup using these scripts i m
Clearing Windows Event Logs
Does EventLog Analyzer have the ability to clear the Windows Event Logs? One of our Security logs filled up and halted the server. Thanks.
Agent Administration
I've just applied service pack 7001 to my 6020 installation and see that agent administration is disabled. Can this be enabled or do I have to upgrade to a different version? Many Thanks, Stuart.
ManageEngine® EventLog Analyzer 7.2 Released
We are glad to announce the release of ManageEngine EventLog Analyzer 7.2 (GA) Distributed Edition and Standalone Edition. What's new in this release? 7.2 - Build 7020 - Standalone Edition The general features available in this release include all the features of EventLog Analyzer Version 7.0 Build 7000 and Features and Enhancements: Print Server Activity monitoring - Includes support for Print
Monitored servers connection status notification
Hi, Is there any possibility to send email notification when a server's connection status changes from “logging started” to “problem connecting to server” or “access denied”? What I want to achieve is some kind of notification when log gathering from certain servers fails due to a connection problem. Best Regards Luk
Unable to Install to D:\Program Files
Is there any way to install to the folder D:\Program Files? Every time that I try, it advises that you are unable to save to a folder path with a space in its name. Is this normal and is there any way around this?
How to audit group membership changes?
Hi guys, I'm having some problems auditing group membership changes. I have Win 2008 Active Directory. In my domain controller policy I have set up Audit Account Management to Success/Failure but I can't get it to audit changes. I have read the articles below: http://www.shariqsheikh.com/blog/index.php/201103/auditing-group-membership-changes/ http://whatevernetworks.com/?p=21 Any ideas what I am doing wrong? Brgds Liselotte
log file format, batched execution
Hello, we would like to analyze the log files written by our applications. These log files have their own format. Is it possible to extend the log file formats supported by EventLog Analyzer by ourselves? Is it possible with EventLog Analyzer to process multiple log files located on different machines in a kind of batch mode? Best regards Armin Noll
ELA - General information
Dear All, I am evaluating EventLog Analyzer 7. I have added a new host (Windows 2003 with SQL server). I have noticed that ELA records only new events. Is there a way to configure ELA to record all events from the host? In order to get older events from the host, I tried to import an evt log file. But I got the following error message : Could not find the message file for the following event sources: SQLSERVERAGENT; MSSQLSERVER; SQLISPackage; GVGazTest; GVGazDev; SQLISService; MSFTESQL;
Eventlog Analyzer 7 won't start as a service
When I start Eventlog Analyser with run.sh the application starts fine and I am able to access the portal. When I try to start as a service I get this: [root@slmprdc01 bin]# /etc/init.d/eventloganalyzer start /etc/init.d/eventloganalyzer: /opt/ManageEngine/EventLog/bin/wrapper: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory /etc/init.d/eventloganalyzer: line 137: /opt/ManageEngine/EventLog/bin/wrapper: Success I tried to reconfigure as a service, which was successful: [root@slmprdc01
Importing Security event log from NetApp Storage
Hi, we have some NetApp Storage that are publishing audit logs in .evt format. We can connect via Microsoft "Computer Management" MMC tools to administer it (it's just publishing some of the computer management tools) and we are able to see security events via the Microsoft Event Viewer MMC plugin. When trying to connect to this storage from ELA 7 we get an RPC error, probably because ELA is trying to do some checks and the storage is not responding to them. The only events published in this way
Problem with Dashboard View Customization
Hi, I was going to create some custom dashboard view in ELA 7 but after I put a view name and select some group to be shown I get returned to the dashboard view list and my new view is not created. Anyone know if it's a known problem and how to solve it?
ELA causes high RAM usage on Domain Controller ( Win Server 2008 )
When I add my Domain Controllers (on Win Server 2008) in the ELA console for collecting Event Logs from them, RAM usage of the Domain Controllers goes up and stays up forever. I have this problem only on Win Server 2008 DCs, I didn't have such a problem on Win Server 2003 DCs!!
Ubuntu server 10.04, run as service, no packets captured and slows down server
Just installed ELA 7. No error messages when installing, but it will not run as a service, had to start it manually with run.sh. The symlink in /etc/init.d/ is in place (was created by install). When I do: # /etc/init.d/eventloganalyzer console Running ManageEngine EventLog Analyzer 7.0... exec: 272: ./wrapper: not found I get the above error message. Also the ELA slooows down the system considerably. I configured a firewall to send syslog msg to ELA, no messages seem to be received, I used
Cisco messages not showing
Hello, I'm trying to configure EventLog to capture syslog logs of a Cisco PIX. The problem is that in the dashboard it shows me that there are logs, but when I click for the details it says "No data Found". What can I do? Thanks in advance
Reports not showing the whole day data
When I'm running a report both "one time" and "scheduled" - it is only showing around 2 hours of logs. Anyone here having similar situation? Thanks.
Eventlogs from NetApp storage (security logs)
Hi, we have some NetApp storage that will report about security events (login, logout, CIFS audit) as Windows events. From a server with Computer Management it is possible to connect to those filers to manage them as Windows servers, but they are not real Windows servers so some management functions are missing, but eventlog viewing works correctly. I've tried to get event logs with EventLog Analyzer 7 but I get an RPC error connecting, so I think that ELA is trying to get something more than only logs (host
EventLog Analyzer - Good source for training material?
I am trying to learn (quickly) the basics about managing EventLog Analyzer. Where can I find some good reference/training materials? I'm a total newbie and right now, I can't even figure out how to stop the software from finding and monitoring network devices on its own. We'd like to manage that ourselves but it seems to find devices and then starts to monitor them all by itself. Thanks, Mark
Compressed Logs
I need to be able to show a report that states the event ID and how many times it has occurred, rather than showing each event occurrence. For example: Event ID 1234: Description - Occurred 24 times Event ID 2345: Description - Occurred 12 times etc etc. This will save a lot of time and paper if we need to print reports. Can this be done?
ManageEngine EventLog Analyzer 5 - Disk full
Hey, I have a very small problem: ManageEngine EventLog Analyzer 5 has consumed the available disk space on my machine, there is 0 Byte available. How do I reclaim some of the disk space? I would rather do that instead of just expanding my disk usage. Brg Tune
Event ID 644 - Locked Out Report contains duplicate entries
We have a daily report which reports on event 644 occurrences (Windows user locked out). For some reason our report contains duplicate entries for the same user. * It has the same time stamp * It is from the same source server This is an intermittent issue. Can anyone advise on why this occurs?
Active Directory Authentication
I see in EventLog Analyzer where you can import AD users from OUs for AD authentication, but all I want to do is give 2 users access via domain credentials. By importing an OU it will bring in WAY too many users. Is there a way I can just add 2 AD users to be able to log in via AD authentication or do you have to import all the users from a particular OU? Creating a separate OU just for this would not be an option either.
Collecting logs from hosts through firewall
Dear Team, We have different hosts (Windows and Linux) in different networks connected by firewalls. We want to set up our EventLog Analyzer in the most highly secured network, which means we have to set up some rule set in our firewall to make this happen. Plus, we are only allowed to establish connections from the higher secured network to lower secured ones. In this case do you have any idea what to do, or is there any detailed manual to guide us to do so? Thank you in advance! Tim.
Exclude Events From Report
Hi, Can you tell me how to create a report that will show all Application Errors, Failures and Warnings except certain Events? For Example: I want the report to return all Application Errors, Failures and Warnings except Event IDs of 1711 and 1529. I've tried entering the event IDs in the "Except" box but they still show in the report. Thanks.
Servers with the same SID
Hi, I’ve got a problem with retrieving logs from certain machines. In the EventLog Analyzer console I’ve got access denied 0x80070005 on those servers, and I would like to know: is it possible that, because those servers were cloned and have the same SID as well as NetBIOS name, they might have a problem with authentication in EventLog Analyzer? Servers are on different subnets. Best Regards Luk