HIPAA Compliance Report - $ usernames
Hello, I am trying to evaluate this program on whether or not to purchase. I really like the built-in reports for HIPAA compliance. The only problem is that I am getting over 4000 successfull logons per hour, where mostly they are the workstation usernames that end in "$". Is there anyway to filter them out? I have tried different logic with the database filters, and even creating my own report (which seemed to possibly work, but it included the whole log instead of the one line log that the HIPAA
Advapi Authentication
What would be the best settings for the eventlog manager to only report and email true user login failures, not Advapi Authentication local and system failures
Event Log server ip address changed to 127.93.94.95? since changing to virtual server
Using EventLog analyzer v6 build 6001. We have switched this server from a physical server to vmserver. The eventlog is reporting the EventLog server IP address as 127.93.94.95 and is listening on port 513,514. When I use the server diagnostic option, its states the real ip address 10.x.x.x. The 10.x.x.x is the correct address. Can you suggest how I could correct this problem as no servers are logging to the server. I have also logged this as support request using the online form. Think there
Role based access
Dear madam or sir, I really like EventLog Analyzer, BUT. I would like to have roles for users where I can select what a user can see or can't see. For example; My current client doesn't want the engineers to see the Windows security events. In the current version I can't hide that for certain users. Or I want certain reports for a security manager and not for engineers... Are there any ideas to use role based access? Thanks in advance, Johan Omlo
Same Email elerts sent out over and over.
I have a clean install of Eventlog Analyzer 6.1 (stand alone). Some times a alert (or group of alerts) seem to get stuck in a send queue. I get the same emails over and over until I reboot the Eventlog Analyzer server. Rebooting is the only way to get it to stop sending. This happens very often (and with alerts from different client servers) and if the group is of 30 alerts, I end up with hundreds of e-mails in my inbox that are all the same with the same time stamps. Has anyone had this issue? Is
Migration of Standalone ELA to Managed ELA server
Hi, I have preformed the migration of our Standalone ELA Server to a managed Server, all went smooth. I have also been able to set this Server up under the Admin Server as a Managed box. The question i have is that i want to setup the communication between the two over HTTPS rather then HTTP. Can you advise what i need to change on the Managed Server. I believe i only need to edit the managed server properies on the Admin box to change it to Https, for that side. Cheers, RH
Eventlog Analyzer 6.1 installed on ubuntu 10.04 server 32bit
Issue I am having is once I successfully install the software. I cannot add a new host. I click on add new host and the screen flickers once. I had this problem with 64bit version so I decided to use the 32bit version. Still doesn't add hosts. Any help would be great.
match a phrase in a report criteria
Hi, I want to generate a report matching a specific phrase. For example I want to find a log messages with exactly the string: "logon type: 10" There is a way to define this in a report? The comma don't help me... and if I define "match all" the result is not what I want. Thanks for your great job! Alessio Susi
autostarting eventlog analyzer
I ran the install as a service script but the service stops collecting after a certain amount of time. My setup is EVA v6.1 install on ubuntu server 10.04 64bit. Any help would be appreciated.
Does ELA support forwarding of logging data?
Hello; The subject says it all...does ELA support the forwarding of data that it collects to an alternate logging server? George
Installation problem of event log analyzer 6.
I've a pc where is installed apache 2.2 and mysql 5.0.37-comunity-nt on Win xp sp3 machine. Apache use port 80 and mysql use port 3306 The installation program of event log analyzer terminate without error. After installation I start the program from start menu and in the command shell I receive the error "cannot connect to database". I've changed mysql and web server port, restarting the pc, and when starting the application the error is the same. I've try with other ports, disabling antivirus,
Log As400
Is not possibile create a file log for as400 same as Server Windows. In Italy exist a law that administrator must save a log autentication. This logs must be only read. Exist a hot fix?
How to monitor sql SERVERLogs?
How to monitor sql SERVERLogs?
ManageEngine® EventLog Analyzer 6.1 Released
ManageEngine® EventLog Analyzer 6.1 Released We are glad to announce the release of ManageEngine EventLog Analyzer 6.1 (GA) Distributed Edition and Standalone Edition. Download Distributed Edition Standalone Edition Read More What's new in this release? 6.1.0 - Build 6010 - Distributed Edition GA release of EventLog Analyzer Distributed Edition. New Features - Admin Server The general features available in this release include, Centralized Archiving for Distributed Edition New Features - Managed
Transfer ELA to a new Server
I have seen a post (possibly on the old forums) about transferring ELA to a different server - I'm obviously being stupid because I can't find it again - any chance someone could show me a link to the relevant article ?
ManageEngine Announces the Availability of EventLog Analyzer 6.1 Early Access
The EventLog Analyzer team is happy to announce the Early Access of the latest version 6.1 This release is another milestone packed with powerful features. If you'd like to try the Early Access of EventLog Analyzer 6.1 of Standalone and Enterprise Editions, please contact the support team at eventlog-support@manageengine.com The support team will provide you the download links and complete list of features. Please note that the Early Access versions are meant only for testing purposes and should
Error code 515 invalid license file
I am getting error code 515 invalid license file for event log analyzer when i try to start the server. This is in turn producing a mysql error and does not start the server.
What are the mininmum user needed login credentials for windows log collection?
Hi there, I'm looking for an answer of the question above. The problem is that our internal company policies does not allow to provide applications with accounts from the Domain Admins group. So what are the minimum rights which the user should be provisioned with in order to successfully collect the event logs from windows domain controllers for example? (If you are not able to publish the information here, please consider send it to my mail) Thanks in advance... Momchil
EventLog application logging
Hi, For auditing purposes I need to see what a user (especially admins) do in EventLog, like creating new users, changing user rights, etc. Is there a way to see this? Thnx, Johan Omlo
Problem missing log
In the event log machine i found this error. Cannot find table eventlog/eventlog_hr_trend from the internal data dictionary of InnoDB though the .frm file for the table exists. Maybe you have deleted and recreated InnoDB data files but have forgotten to delete the corresponding .frm files of InnoDB tables, or you have moved .frm files to another database? Look from section 15.1 of http://www.innodb.com/ibman.html how you can resolve the problem. 100419 10:53:08 [ERROR] ../mysql/\bin\mysqld-nt: Can't
Java tuning for Eventlog Analyzer
We run the latest release of ELA. Our setup is such that we have a MSSQL 2005 database on a separate server from the ELA server. We have run into performance issues. I read the the Java tuning instructions on another post. However, there is no wrappermssql.conf file. Can you give some instructions on how we can tune Java in this environment?
Email subject/body changes and also Update time?
Three questions, I hope it doesn't get too confusing. One. Is there a way to change the email subject I would like to put our "safe" word in the subject so that it doesn't get rejected by our spam filters. Two. It would also be nice if the alert could be customizable. In other words not only tell us what the event is but add our own input to the body of the email eg lets say you have an alert on a backup server. And the error you get is that the backup drive is off line. Then you would get the alert
RPC server is unavailable
Trying to add hosts i get the error RPC server is unavailable 0x800706ba. What is the fix for this problem.
Missed logs capture
Hi everyone, I've installed the program on a Windows XP machine. The machine was out of date and I set Windows Update to automatic. The machine restarts at 3 am but the Event Analyzer service didn't start correctly and we start it at 12 am. The logs in this time rage weren't captured. Is there a way to set the program to capture previous logs? When I did a fresh install of the program how can I tell him to capture all the logs that are in Windows Events Viewer? Thanks in advance. Michele
I need some help?
How can i reciver the report logs on my email?
Generate Reports from Import Logs
How do I generate reports from imported logs?
Restoring Mysql backup on New Server with new ip
Hi, i m using Evenlog v 5.00 on my windows maching with ip 172.26.99.14:8400 i did backup .. now i have install Eventlog v 5.00 on new machine with same window version but with different ip 172.26.101.160:8400 and i have restored database successfully without any error. i can connect it without problem using webclient.. but when i check the server info on the new machine ::: Server Name : ibopemng01 Server IP : 172.26.99.14 Listening Port(s) : 513,514 Failed Port(s) : - Server Status
ManageEngine EventLog Analyzer - Voted WindowSecurity.com Readers’ Choice Award Winner - Event Log Monitoring
We are very happy to share the news that ManageEngine EventLog Analyzer voted as Winner of WindowSecurity.com Readers’ Choice Award in the Event Log Monitoring Category for the year 2010. In 2009, the product was adjudged as Runner-Up. This year the product has been elevated as Winner. We are happy that for the two consecutive years the product is in the top slots. We, the ManageEngine team, thank all of you who have voted us to win the Award. We feel happy that we continue to live up to your expectations
Custom Report message filter with Boolean in ELA6
Greeting! I was wondering a method how to perform an AND in Custom Report message filter. Since there are already have AND/OR in Alert and DB Filter.. For Example, without any pre-defined report like Top User... I'd like to create a custom report of an window security log of syslogd format. I will try to input 528, administrator in message filter criteria for successful administrator logon. The secondary report will be 528, user1 for successful user1 logon. But the result seems that the criteria
urgent.
I have this problem from TUESDAY haven't any log for windos machine. In dashboard I have my servers but Error, Warnig Failaur equal = 0. Only operation that I do is actived the archived files Help!!
Delay in response for forum posts
Dear Customers, We had some issues in getting your posts delivered to us. Due to that we were not able to reply to your issues/questions immediately. We apologize for the inconvenience! -- Thanks & Regards, Bala ManageEngine® EventLog Analyzer Toll Free: +1 888 720 9500 Check out our Forums and Blogs ZOHO Corp
Log only administrator Account
Is possible to log only domain admins account with EventLogAnalyzer?? it log every logon/logoff, but i'm interested only for Domain Admins... is for our new italian's law
Moving the Archive.
Currently ELA, the DB and the archive are all living on the same 250GB HDD. Is it possible to move just the archive to a different disk without blowing up ELA? I have a 500GB HDD ready and waiting but I can't risk killing my current reports and would like to preserve my current archive. ELA v.6001 running on windows server 2003.
Reload data for a report.
The report was using the credentials for the individual previously holding this position and therefore was not collecting data for a month. The credentials have been updated and ELA is now communicating correctly but how do I tell ELA to recollect the 32 days worth of data needed? ELA V.6001
MS SQL 2005 Backend with RHEL5
Is this possible yet?
distributer edition problem https
hi, i install distributed edition and during admin server's installation i set ip x.x.x.x and port 8400. Now i change on admin server the connection to my client server from http to https and the server client going down. why? i must change configuration on server client? thanks Andrea p.s: apologize bad english
Why does my Windows2000 SP4 Domain controller hit 100% CPU utilization when polled by EventLog Analyzer?
I have a Windows 2000SP4 Domain controller that hits 100% CPU utilization every time EventLog Analyzer polls it. Any Idea why this is happening and how I can rectify the problem?
reports saved to folder location instaed of email
Hi, we have loads of reports that are generated and emailed to a generic user account. We are soon changing this and all the reports need to be saved in a folder rather than sent by email. Is his possible in event log analyser? Thanks Phill
Web Client error message after moving from MySQL to MSSQL 2005.
HTTP Status 404 - /event/index2.do type Status report message /event/index2.do description The requested resource (/event/index2.do) is not available. Apache Tomcat/5.0.28
EventLog Analyzer Stops Collecting Data?
We have this running against all of our DC's. About once a week (lately) it will stop collecting data and will not start again until the box is rebooted. Anything I can check?
Next Page