Problem changing database to MSSQL2008
Hi, I'm running a trial version of Event Anayzer 5 on a virtual machine. If I setup the system to run in trial mode with the MySQL-database installed on the same machine, it runs fine, collecting data from 20 servers. I followed the instructions to change the database to a MSSQL2008 database hosted on another server by copying the necessary files, making a backup, changing the database and restoring the database. Now I get funny results: the whole system starts up fine, I can see the restored data
PIX 515?
Does eventlog analyzer work with PIX 515? I am unable to get any logs setup per the EventLog instructions...I also tried FirewallAnalyzer and same issues. Our network guys swear they have PIX configured per instructions.. J
../mysql/\bin\mysqld-nt: Can't open file: 'eventlog.MYI' (er
Error: ../mysql/\bin\mysqld-nt: Can't open file: 'eventlog.MYI' (errno: 144) No data being displayed.
Exporting report to csv should support Chinese characters!
I am adventnet's customer from china, I meet a report export problem. When I try to export the report including Chinese characters to CSV file, it shows interrogation not Chinese characters, but English Characters is normal. So, do you have any idea for me to solve this issue?
Report export chinese character probelm!
Hi dear ELA support: I am adventnet's customer from china, I meet a report export problem. When I try to export the report including Chinese characters to CSV file, it shows interrogation not Chinese characters, but English Characters is normal. So, do you have any idea for me to solve this issue?
ManageEngine consultants needed
Hello ManageEngine User, I'm looking for consultants who know ManagEngine products and experienced enough to architect, design and troubleshoot IT networks and infrastructures. Deep Analytical skills needed. Must have strong Communication skills. US citizen preferred, but not necessary. Security Clearances desired. For more information, please contact me at: Eric Wegner AdventNet, Inc. 10 Cornfield Lane Asbury NJ 08802 Phone: 732-801-9083 Email: eric.wegner@adventnet.com IM: evwegner@yahoo.com
Moving Eventlog from Server to Server
Hello ALL !!! I have Event Log Analyzer (ELA) on a server (X). I need to move it to a new server, as I am going to decommission the old one. How can I move all the data from Server (X) for ELA onto the new server without loosing anything... WHY !!?? becasue otherwise I will have all my auditors hounding me that I am non compliant as I have no history or reports !!! Cheers :roll:
Syslog monitor and system resources
Hi all. My first post here. I'm using EventLog Analyzer free edition as we don't have more than 3 servers that needs to be monitored and Cisco ASA. The problem that I'm having now is that after some time Syslog Event Collector begins to take too much of memory on the server where it is installed. I have attached picture bellow with current consumption and it's still growing. Also another thing that I have noticed is high number of UDP ports that are opened by the same process, at this RAM consumption
Custom Report - No Data Available
I'm having a problem creating a custom report. I would like to create a weekly report for Error, Failure and Warning events for all Windows hosts. When I uncheck the Information and Success event type, the generated report will show "No Data Available for the selected windows host(s) within the time range". However, if I select all event type, a long report will be generated (no problem). Could anyone please help? Thanks, Narin
User Log for "Deleted" file sharing
Hi All, I has been installing the free edition for Manage Engine EventLog Analyzer, and make alist for a few host workstation to monitor the "logs". But, how to monitor the files sharing we put on the "file sharing server". (FYI, we has using SME 7.4 to be a File Sharing Server, also become a widows domain controller) regards, darmasanthi
Admin Password change
In EventLog Analyzer Free/Demo version, when I try to change the Admin password it doesn't work. A box comes up saying it changed it, but then another box comes up saying the password has to be between 5 and 20 characters. I've tried a few different passwords making sure I am between the 5 and 20 character limits.
EventLog Analyzer Time and Windows Evnt log it nt consistent
HI, Guess we have a major problem here wher the windows event log (Time) is not the same as captured by the ELA, its totally wrong. let say it 11AM, but the log captures as 1PM...EXAMPLE>. Can you please tell me whats going on here and help me to solve this issues. Its too dangerous if the timing are wrong for production servers.
Alert - Batch File
Hi, I configured an alert that calls a batch script. This batch script unlocks a certain AD user's account and restarts a certain service on a remote machine. The script works perfectly from DOS prompt, as well as from the GUI, but the Alert doesn't seem to be calling the script. The alert is also set to send an email out, which works perfectly. Please help! This is the only thing holding my company back from buying this product. Thanks, Alex Gentile
ManageEngine EventLog Analyzer 5 Released
ManageEngine EventLog Analyzer 5 Released We are glad to announce the release of ManageEngine EventLog Analyzer 5 (GA). Download | Read More What's new in this release? New Features and Enhancements * Support for importing and analyzing application specific logs (IIS web server and MSSQL database) * Support for MSSQL as EventLog Analyzer database * Support for Windows Vista Events * Support for customizing and scheduling predefined reports (including trend and top reports) * Framework for adding
Monitor Disk Space
How do I monitor disk space with Event Log A. 5 ? I need to receive emails when disk space gets low...
Setting Windows 2003 servers to log invalid attempts
I've noticed that under the PCI report, there is only a single sever that shows up for Report on logon failures. I was wondering how to configure my servers so that they also log logon failures for PCI compliance. Audit Policy Changes and Reports on audit log changes are also similarly blank, and I would like to understand how to configure systems to log these as well. Any help would be great, thanks!
No Data Available on Dashboard
When viewing the EventLog Analyzer dashboard, all of the charts say "No Data Available" and the counters for each host are at 0. I have confirmed it is collecting data because when I open the SysLog Viewer to view raw packets I see messages coming in, but none show up on the dashboard. Possibly a DB error? Any help would be appreciated. Thank you.
No data for windows hosts
I am seeing no data for windows hosts. Eventlog analyzer is able to connect to them however no data is being displayed or placed in the database. This is a new problem. I had data for windows hosts until 2 days ago My syslog hosts and linux hosts are fine.
no alerts for some application logs
hi forum! i registered user of EventLog Analizer 5. My problem`s similar to forums.manageengine.com/viewtopic.php?t=764351 The Alerts that i create for some application event id not working. Please, anybody help with this? hanks Cristian
How to edit "My Report"
I'm not able to view & modify the settings for my created reports under "My Report". Please advise. :)
Daylight Savings Time goof
Just wondering if anyone else saw this on scheduled reports from Eventlog Analyzer; I have a non compliance report that runs on two of my servers and it emails me a pdf at 6:30 AM EST every morning. Starting yesterday (Sunday, 8 Mar 2009), it is now coming in an hour late at 7:30. I checked the scheduled report settings and it actually changed in the settings to run at 7:30. As far as I know, no one has modified it over the weekend. Has anyone else noticed anything similar? Thanks!
TLS/SSL Syslog Server
Does EventLog Analyzer's syslog support SSL or TLS?
Import log
Hi Guys, Now I'm running on trial ver. My event log size 32.5MB. After I import it I got this error message. EventLog Analyzer - Error Message Could not find the message file for the following event sources: PassportManager; TrustMonitor; DSReplicationProvider; MSExchangeSetup; Microsoft Search; MSExchangeMGMT; MSExchangeTransport; MSExchangeSA; MSExchangeDSAccess; MSExchangeMU; MSExchangeFBPublish; EXOLEDB; EXCDO; MSExchangeIS; ESE BACKUP; ESE; MSExchangeIS Public Store; MSExchangeIS Mailbox Store;
customised report to filter by specified users
we would like to to identify the logon/logoff information of certain specified IDs (basicially it is to monitor what these IDs have done on all the servers) what is the easy way to do it by using the product? We tried to use custom report, however it only allows us to specify event ID, we can not filter by the user IDs. And the search function does not allow search by multiple users either.
Moved MySQL DB to another partition now dont get any data
Hi Support, Recently I moved the MySQL DB from the D: Drive to E: Drive on my server due to drive D: running out of disk space. Followed the steps provided on how to migrate the DB to another drive. Now when I start ELA I get the following dialog box: Script: D:\apps\Adventnet\ME\Eventlog\bin\configureODBC.vbs Line: 124 Char: 2 Error: Permission Denied Code: 800A0046 Source: Microsoft VBScript runtime error I've checked the ODBC settings and a Test of the Data Source is successful.
No alerts generated for specific event id
Hi, We have installed the trial version of EventLog Analyzer version 5 and have configured total of three alerts for monitoring Active Directory events: 1. User password change - event id 642 2. User deleted - event id 630 3. User created - event id 624 The problem is that no alerts are generated for user creation in Active Directory (event id 624). The other two alerts work just fine! I have re-created the alert many times without success. Can you please assist with this issue? Regards, Rotem Agmon.
Report Filters
How can I find out what filters are in place on an existing report? Since I can't edit the report I can't get to it to change and the report view doesn't show this. Help is appreciated.
Cannot receive log from Solaris
Hi Support, I cannot receive log from solaris, in host solaris, i have added *.* @ip_eventlog_analyzer in syslog.conf and i have stop and start service syslog solaris /etc/init.d/syslog stop /etc/init.d/syslog start Help pls, Regards, bagio
About PCI-DSS Compliance
Hello, My company is looking for PCI Compliance. The requierement 10 deals about log, which log to catch and their protection. On your web-site you write "to comply with various regulations such as [...] and Payment Card Industry Data Security Standards (PCI)", but I don't understand how the Eventlog Manager help on the 10.2.2 and 10.2.3 requierement. If those events are not written in the windows log, how can your software caught those events ? Other question : about the requierement 10.5 (protect
Interpreting Windows Event Logs
Hello, From looking over this forum I am guessing that this is not the appropriate place to ask certain questions about Windodws Event Logs (such as what some of the fields mean in the description section). Does anyone know of a forum for these types of questions? I have done a lot of reasearch on the web, but googles are not answering my questions. Thanks,
Custom Report - File Permission Changes
Hi I require help with creating a report. I need to report on File/folder permission changes & I have configured auditing in windows. I can see that Security Event ID 560 is logged when I change permissions, open a file/folder etc. but whats the best way to specify criteria in the custom report wizard? Thanks Chris
Eventlog Analyzer hangs
When I open the eventlog analyzer it hangs in "Report is being generated. Please wait"
ELA Trying to connect to unknown IP address
Hi I can see from our firewall logs and from Network Monitor that ELA is trying to connect to an ip address 10.0.0.6 every 10 minutes on port 135 or 137. This IP address is unknown to us and is not an IP of any host for which we are collecting logs. I have double checked all our host details and that IP address is not there. Is there any reason why EventLog Analyser would be trying to connect to this IP address?
How to change pw for multiple hosts
All, I have about 150 windows servers added to Event log manager. The pw to authenticate under Host Details has changed. How can I change that pw to all boxes at once instead of individually clicking host details for each box?? The username is the same..it is a service account where the PW changes each year. Damian
Migrate web server to new server
Hi, I'd like to leave my MySQL database where it is, but move the application to a different server. I've done the default install, but I don't see how to point it to the database server. What parameters do I need to change? I'd also like to uninstall the default mysql install on the webserver, as well.
cannot add host that was P-V'd
i have a virtual server that was a physical box that i cannot add to ELA. the physical server had been removed from ELA before i tried adding the virtual machine. i have also gone through all the documented troubleshooting steps to add the host without success. all of my other vmware vm's were added without incident. has anyone else encountered this issue when trying to add a vmware P-V ?
Archived files - question
Hi, I've got a question: is there possibility to load archive files (zip's) from old installation of EventLog Analyzer to new one? I've copied them to archive\ folder, but I still can't see them in EventLog Analyzer. Thanks for reply, Piotr Lezon
New Version
I am looking forward to the new version that I believe is scheduled for Q1, any idea on when we might see it?
Not receiving Syslogs from PIX or Router
Hello, I have EventLog Analyzer installed on Windows 2k sp4. I have been able to successfuly retrieve my event logs from a win 2k server, but not from any cisco devices. I have a pix 520 and a cisco 3640 router. I have added both as hosts using Unix, Hostname = their IP, and port 514. Then i have turned on logging on each device, using the syslog server ip of the EventLog server. However, i am not receiving any events. i have a green status on both cisco hosts. Something else that seems weird if
Problem with the built-in reports.
Hi, We are using your product (Eventlog Analyzer 5.00 - license type professional) for monitoring mainly Windows hosts, and we have problems with built-in reports. Reports of top users by login, top interactive login and all compliance reports (HIPAA etc) displays 'no data available'. Logs with eventid=538,539,540 are logged, we can browse them by custom reports for specific host. How can we fix that? Best regards, Piotr Lezon
Next Page