ELA for Linux and Snare Agents for Windows
Hello, I'm trying ELA for Linux. What is the correct configuration of the SNARE agents for Windows? Thanks in advance
Server crash..now getting error 535
My server crashed and now when I try to start EventLog Analyzer I get: ERROR CODE : 535 Invalid License File. Help!!!!
bug as400 event log
Hi, I think I've found a bug in the AS400 feature. I installed the software on January 22, set the date format to ddMMyy (I'm from Italy), and the software worked well. When I came back to the office on January 25, the software could no longer recover from log 'AS400. Today I checked the logs and found that the program command DSPLOG PERIOD(000000 270110) OUTPUT(*PRINT) is wrong, because 270110 isn't an hour but a date. The right command is DSPLOG PERIOD((000000 270110)) OUTPUT(*PRINT). Here
EventLog does not start
Hi, I'd installed the "ManageEngine_EventLogAnalyzer.bin" on a new server running Fedora 11 (2.6.29.4-167.fc11.i686.PAE). Following the guide, I must start the service with the "run.sh" script in the bin of the installation folder, but it doesn't start up and I get the (popular?) error "Unclean shutdown of previous run.": [root@LOGANALIZER bin]# ./run.sh ================================================================================ JBoss Bootstrap Environment JBOSS_HOME: /opt/LogAnalyzer/EventLog
ELA Vs Splunk
Hi, Is there a whitepaper on the benefits of ELA over Splunk? Or can you outline the differences between the two? Cheers, RH
Best Practices for ManageEngine EventLog Analyzer is Released
Hi, Based on our customers' requests we have created a Best Practices Document for EventLog Analyzer. This document includes: System Requirements; Optimizing Hard Disc Space; Securing EventLog Analyzer; Best database practices; Data backup practices; Best support practices. You can download it from the link below: http://www.manageengine.com/products/eventlog/ELA_Best_Practices_Guide.pdf We hope this document will answer a lot of your questions regarding system requirements and help you to fine-tune your machine/server.
Event Log Analyzer is not capturing events from virtual machine
Hi guyz, Hope you are all doing well. I am evaluating the Event Log Analyzer product that we are planning to deploy. For testing purposes we have created a small test environment. The environment is as follows: System1 is running Windows XP SP2. The Event Log Analyzer is installed on this system. System2 is running Windows XP SP2 also by VMware I have installed two Windows 2003 Server machines in the virtual environment and one Linux machine. Now the Event Log Analyzer is capturing the events from
NETAPP export of SysLog
Hi, Has anyone already configured a NETAPP server to export the syslogs versus Event Log Analyzer? Do you have any guidelines? Thanks and Regards, Razvan Despa
Save report results
Hello, We're currently using ver 6 of EventLog Analyzer, and found it very useful. Thanks for this nice product. For reasons of safeguarding event log information, we need to save the daily reports generated. Now, we receive them by email, but it would be more helpful for us to have a folder where they are saved without sending e-mail or manual actions. I've seen that in the ..\default\server\reports folder are the PDFs that the system sends us by e-mail, but these are replaced each time when
Custom report
Hi, I've created some reports (in the My Reports section) on ELA. I see them only if I'm logged in as the admin user! If I'm logged in as the guest user I don't see any custom reports. Why? TIA
Eventlogs Analyser 6 - indexes Hot and cold
Hello, We are facing some space available on our server where Eventlogs Analyser is installed. After analysis, I discovered that there are folders called hot and cold in EventLog\server\default\indexes\; the space used by these 2 folders is very huge, on average 1 GB per subfolder, especially in the hot folder. Is it possible to clean up these folders or not? How can I do it? Is there something within Eventlogs Analyser to manage, maintain and clean old folders? Many thanks for your help. Best regards
Events that are being left out from eventlog
Hello all. I have a problem with Snort and a few other monitoring programs that are writing to Eventlog, and ManageEngine is not able to parse or read those messages. For example Snort is writing a message like this: The description for Event ID ( 1 ) in Source ( snort ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and
IBM AS/400 supported in ManageEngine Eventlog Analyzer
Hi All, We are happy to announce that the beta version of the ManageEngine Eventlog Analyzer is ready to support the IBM AS 400 devices. If you are interested, kindly contact support@eventloganalyzer.com Thank You, Best Regards, Raj ManageEngine® EventLog Analyzer Toll Free: +1 888 720 9500
Some of log messages have wrong time stamp.
Hi everybody. I have a Windows Server 2003 running EventLog Analyzer 6 and a Linux client running syslog-ng to forward logs to the Server 2k3. At first it ran perfectly, but after a while I found that there are some messages that have a time stamp approx 5 hours in the future from real time. I found a thread that also has a problem with the time stamp, but it occurred with version 5, Windows 2008, and all the messages were affected. Any ideas about that??? Thanks
Database Filters
Is there any way to obtain a printed copy including details for database filters in use on Eventlog Analyzer 6?
Name resolution
Hi, I am using ELA 6 on Windows 2008 R2 64-bit. I have successfully set up an alert via email. 1. I would like to see the hostname resolved in the body of the email via DNS but I don't know where this is configured. 2. When I try to Add a New Host, the pulldown bar does not list any domain names. What do I need to do to enable this feature? Thanks, Robert Perez Systems Engineer
How to move EventLog Analyzer to a different machine/server
Hi all, I have a question about the EventLog Analyzer migration to a different machine: if I follow the procedure described in the FAQ for MySQL database, are all filters, reports, etc. migrated also, or do I need to redo the job again? Thanks in advance.
SysEvtCol.exe keeps crashing in ELA version 6000
Hi, My sysEvtCol keeps crashing and then I stop gathering data. It's really frustrating. I have audit requirements and this forces me to go and audit all my PCs. I wish there was a way to have it catch up if a machine is off and then turned on. I have about 80 machines, half Windows and half Linux. Does anyone else have this issue? I am running XP with 3.25 gig of RAM and nothing else running on the box. Thanks in advance
Syslog viewer
Hi, I have some of installation of ELA and someone syslog viewer doesn't show any data. The log collection works correctly. In other installations I don't have this problem. Any ideas? Is there something to set up? Regards.
Set DB Password
Hi, is it possible to set a password for the root user on the MySQL DB? Bye
Docs for products
Is there any written documentation on the forum for the ManageEngine products? I don't seem to locate them. Thanks
how to set the license file
My evaluation installation expired and I have purchased the pro license. How can I set it to make the program run? Thanks
DB Filter
Hi, Is it possible to create a DB Filter on ELA to ALLOW only some EventID? TIA
Can the Log Analyzer use SQL2005 as the backend?
Where can I find the MS SQL log file on the server?
Where can I find the MS SQL log file on the server?
Eventlog Analyzer 6 error on server 2008 32bit
Livello Data e ora Origine ID evento Categoria attività Errore 16/12/2009 5.13.38 Application Error 1000 (100) Applicazione che ha generato l'errore SysEvtCol.exe, versione 0.0.0.0, timestamp 0x4b1df01f, modulo che ha generato l'errore ntdll.dll, versione 6.0.6002.18005, timestamp 0x49e03821, codice eccezione 0xc0000005, offset errore 0x00067580, ID processo 0x1b1c, data e ora di avvio dell'applicazione 0x01ca7e06077672bf.
EventLog Analyzer support Windows 7?
Does anyone know if ELA is installable and working on Windows 7? Is it supported? TIA
AS400 collect logs problem
Hi, I'm trying to receive logs from an AS400 server to ELA. I must use the European date format dd/MM/yy. This seems to be a problem because I receive only a part of the logs every day. In particular I receive logs from 00:00 to 02:59. NOT one from 03:00 to 23:59. I don't understand what I'm doing wrong. Can anyone help me? Regards, Pierpaolo De Grandis
Logging user login of administrator
Has anyone had any success or tips for logging when the administrator logs in? I have an event that logs security event 538 and security event 540. It's really just to see if anyone is logging in as administrator. (Some have the password but are not supposed to use it unless emergency.) However I get login events being emailed to me via the eventlog software that I'm sure are not users logging in. The trouble is that some processes that run show up as administrator logins. It seems almost impossible
as400 incorrect logs
Hi, I need to collect AS400 logs so I'm testing EventLog Analyzer. I create the object, assigning IP, admin credential and the European date format dd/MM/yy (NOTE THIS). So, I receive some logs but there are some things wrong: 1. I receive only logs from today at 00:00 to today at 03:11. 2. I continuously receive the same logs. Every 10 minutes the logs increase in size but they are always the same. What can I do? Are there some other parameters to change? TIA
Time and Date are wrong
Hello, I have a mix of Win 2003 and Win 2008 servers. The 2003 servers are being logged in EventLog Analyzer correctly, however the Win 2008 servers are not. The times and dates show in Eventlog Analyzer as approx 5 hours in the future from real time. The time on the 2008 servers is correct. Any ideas?
Unnecessary information in CSV files
Hi, Most ManageEngine products include information in CSV files that isn't actual data. This impedes importing into Excel, SQL Server etc. Is it possible to enable CSVs to contain only the column names and the rows of data, and leave the report name and date ranges in the file's name? Cheers, LeRoy
Windows log alert encoding
Hi. I have trouble with the encoding of alert messages. For example: when something is wrong on a Windows server (win2k3) with Russian localisation, I can see the log message in EventLog An. in Russian characters, but when I try to use alert messages I see a nonreadable message like this: Dear User, This is an automated mail generated by EventLog Analyzer Alert Generation Engine. An event matching the alert profile win occured at 12:09:42, Wed, Dec 02 2009. Alert Details Host SERVER2003 Application Security Criticality
rsyslog.conf
Does anyone know how to configure the rsyslog.conf in Fedora 11 for Eventlog Analyzer to get those logs?
Syslog from AS/400
How to monitor syslogs from IBM AS/400 e series Pramodh
Can EventLog Analyzer and OPManager live on the same server?
Hi, Can anyone tell me if EventLog Analyzer and OpManager can live on the same server? I would like to get the extra functionality of EventLog Analyzer for monitoring our servers but would prefer not to have to set up another new server if at all possible. Cheers,
How do I capture IIS and SQL logs?
Hello, I am new to ELA. How do I capture IIS and SQL logs? thank you.
Cannot collect any log
Hi, I have set up EventLog Analyzer 6.0.0 32bit on Suse 9.3 (on MYSQL). I've followed step by step your Installation Instructions in the User Guide. I've added 3 Unix Hosts. The status of these Hosts is: Logging Started / Scan successfull (Green Icon). I've added a host, but EventLog Analyzer is not collecting event logs from it. I have read the User Guide chapter Troubleshooting Tips at the paragraph "I've added a host, but EventLog Analyzer is not collecting event logs from it" and: - The host
Reports
I need a Top Hosts by Event Severity report for different groups. If I create a new report, the Top .... reports are not available in either custom or compliance. Eg. Network Devices - report to show Top Hosts by error severity. Desktops same report but only that group of desktops. Thanks for any help.
PDF report customization
Hello, I think this topic can be helpful for other people. I've been asked to customize the PDF report front page, in order to display the company logo and such. I think that other page elements can be customized. Where can I find the related templates? Thanks for your help. Regards, stefano