Historical reporting
Is there a way to run a historical report outside of the archive range?
Rename Hosts
I understand Eventlog Analyzer determines the host name based on DNS. Is it possible to change it to a more friendly name? Thanks.
Ports Required
Hi, I am trying to add servers behind a firewall to report to Eventlog Analyzer... What ports do I need open in the firewall to be able to do this? I currently get a failure message when I try to authenticate, having added the server host details. Many Thanks
Monitor Suse 10 on Eventlog Analyzer
Hi All, We have and ManageEngine Eventlog Analyzer installed on a Windows 2000 Server. Currently it can monitor log for all Windows Server, but when I try to add a Linux Server (Suse 10) It give me an error "Port 514 is already used." So i used another port 515 and was able to add the new linux server. But I can't see any event log. On the Linux Server I modified the /etc/syslog.conf to *.*@(eventlog_ip_address) and etc/service syslog 515/UDP and restart the syslog daemon Any idea how to resolve
Report on user accounts
Is there a way to report the last time a domian user has logged in. We are trying to find all users that havent logged in within a specified time period.
Windows 200 Server Logs
Have ELA5 installed on a Windows 2003 server. Collects logs from other Win 2003 servers and everything works just fine. However, does not collect Windows 2008 server logs, even though firewall is switched off.
Windows Server 2008 Logs
Running ELA5 on a Windows 2003 SP2 server. Collects logs from Windows 2003 servers with no problem. However, unable to retrieve Windows 2008 server logs, even with Firewall switched off Help please
mistake in changing mysql password
when i was following procedure for changing mysql password i made a mistake in following command: update user set password=password ('New Password') where user = 'root'; i issues following command instead : update user set password='New Password' where user = 'root'; now the application is not working and when i try to connect to mysql i get following error: ERROR 1130 (HY000): Host 'localhost' is not allowed to connect to this MySQL server please help
Status: Access Denied
I have a single host whose status is showing up as access denied. When I look directly at the windows logs for this server I can see my configured EventLog user logging in successfully in the Windows Security Log. If I test the login using the 'Verify Login' I get the message saying that the RPC service is unavailable. Again I can see my configured user has successfully logged in through the Windows Security Log on the server. I have checked the firewall logs and there is no traffic being blocked.
Filter by Event ID and Process.
I'm running on Windows systems. I want to create reports filtered on Event ID and Process (Windows calls it Source). For example I want to create a print report filtering EventID 10 from Process 'Print' but cannot find a way to filter the print process.
ELA + FWA + OPManager
I already put the question in another forum, but i ask here because I hope get more chances to get an aswer. Actually a customer is using two servers, one for OpManager and FWA, and other for ELA (shared with VPN server). Which would be a recommended configuration to get the 3 Apps working in one server under Windows 2003? Actually they have: OpManager Premium 7 (MySQL DB) # Devices 150 with a maxium of 250 in 2 years Eventlog 5 (MySQL DB) # Devices 25 with a maxium of 35 in 2 years Firewall Analyzer
Support for Custom Logs
We have some custom, non-Cisco switch logs that we would like to monitor. I gather from past posts that you can not define a custom log format but only use the pre-defined set. Am I correct?
Windows EventLogs
I have three Windows 2003 servers behind a firewall that is NATed to a single IP address. I am using Snare to send the logs to ELA. I am having problems configuring ELA to accept the event logs since it sees them as coming from the same IP. Any help would be appreciated. Bob Kentner Network Engineer.
Report is being generated message box
I recently installed EventLog Analyzer 5 and for the last 24 hours the Report is being generated message has been showing and default Dashboard reports are blank. Any help would be great. EventLog Analyzer 5 is running on a Vista SP1 computer. Thank you, dchilds
No data available for winodws hosts
I have no data available for any of my windows hosts in the portal. I believe that data is being collected for these hosts though based on the fact that I can view the last 10 events on any of these servers and the data is current. Please advise. This is a prodcution outage.
Eventlog Analyzer database corrupted
I have found information that our database is corrupted after upgrade to version 5. I need to get this solved so we can do some reports of our network switches. Thank you, Eddie Arnold Network Analyst
Installing EventLog on local system and inport evt
Hi Guys, I'm new in Eventlog analyzer and here my problem.. My guys will send me windows log file to my email I installed Eventlog analyzer on my system. I inport the file to eventlog analyzer but it seems like it can't generate reports or fully use all the features. Will your guys able help me or guide me how am i able inport the file and still be able generate reports. I can't add the host becasue is out of our network. So what we do now is the guy will send me the event logs to my email.. many
DB Migrating
I newly installed the ELA 5.0 and MS SQL 2005. I want to Migrate the DB to SQL. I've done as guided, eveything was ok, i can restore the db from previously backuped. The eventlog table also auto created,but when i restart my computer and filled in admin/admin at localhost:8400 (IE 6 or maxthon), the page transfered to localhost:8400/event/index2.do, then nothing appeared. i waited for a long time, it still a blank page. So can you tell me what's wrong with it. How can i work out the ELA with MS SQL
Reset Dashboard view
reset all counters on dashboard to show no data again as I setup the wrong dB filters. Only need to show Error, Warning or failure. Thanks Zach
The resolution???
I have been reading through these forums diligently. I have found loads of issues that users are having and the response to these issues from Adventnet is to send the SIF and that is where it ends. I understand the Support file is great for the initial user having the problem, but what about the person who comes behind to read these forums. I have come across quite a few issues (not major) that made me say hmmm, this sounds familiar.. how did they fix it... SEND A SIF! Can Adventnet post the results
Importing syslog files
The import facility allows for importing windows event log files. what about syslog files? can they be imported and how? Thanks
Use with NISPOM/DCID 6/3 compliance
Been looking for a log management tool. My current set-up is a few LANs that are all physically and logically separate in "closed" rooms (no access to outside world). Is anyone here currently using this tool to help with audit collection and analysis in this same environment? How does it work with multiple platforms? Running Windows 2003 Server, XP, Linux and Solaris with BSM in some configurations. Have people had success with similar set-up?
Feature Request - Users access to specific hosts
I would like to request a feature added in the next release. We have a requirement to only allow users to see specific hosts/groups they are responsible for instead of viewing all hosts configured in ELA. Thanks.
Feature Request - Alert to generate an SNMP trap
Are there plans to add an option for Alerts to generate an SNMP trap when they occur. The present solution of generate an email/run a program would be enhanced by a option to send an SNMP trap to a NMS
Using MSQLServer as BackEnd
Hi, i install the demo version in a RedHat Enterprise Linux Server and when i try to configure to use MS-SQL Server the files under /tools directory has 0-bytes size. What is wrong? Thanks in advance
Custom report and pdf problems
When I run a custom report for the month it will complete and then I can check all the data in the interface with no problem. However if I set the report to either email me or if I just manually go in and save the PDF or CSV file it will only show the last hour's worth of data for the most part. Anyone know how to get it to email the whole month's information rather then just a part of it?
can't get log from windows 2000 server
How to get log, Successful User Logons and Successful User Logoffs from windows 2000 server.
Evaluation questions
I'm evaluating Event Log Analyzer 5 and have some questions. I only want to log System log and Application log errors. I created a filter in the db for a group (it contains all the servers), but the home page shows it collecting all types of entries. Is there a way to stop it from collecting the additional information? When I run a report I created to see the above errors, I get back a no data available in the time range (I did previous hour and last 60 minutes) even though I can see errors from
NISPOM Compliance Report
Is there a plan to include a National Industrial Security Program Operating Manual (NISPOM) compliance report? This is the Government's compliance program for national security that applies to US Government agencies and contractors who work with classified information. Most of these organizations operate closed intranets (not connected to the internet) that must meet NISPOM chapter 8 auditing requirements.
Can't see Logon Failure report
Hello all, I am using EventLog Analyzer version 4.0.3. When I run the SOX Compliance report by using "Range of Days", I didn't see any in there. It said " No data available". I try to run few months back, but still the same. Please advise. Thanks
Logon report for individual user
How would I set up a report to show me the successful and failed logons for a particular user over a period of time? Thanks.
Collect all missing eventlogs on service startup
Hi, We are using "EventLog Analyser" for security reason to centralize all logon failure on our servers, so we have to be sure that all logs are collected in EventLog Analyser. We find a problem if ELA is stopped for maintenance or any other reason. -> When we restarted the service, events logs are collected from the time that the service is restarted and it does not collect events that has been logged during the time ELA is stopped, even if they were still present on the remote server. It would
incosistance on event collection
there is incosistance on event collection - the manager populate windows events at different intervals either once in two/three days time and hence other days events are missing. e.g today 21/08 it still says next day scan on 19/08 and nothing has happened so far. please assist.
Cluster with EventLog Analyzer
I want to install two ELog analyzer on two Linux servers with some kind of clustering, is it possible? example: SERVER1 - service ELog1 SERVER2 - service ELog2 if ELog1 fails, ELog2 take the ownership. Can I do that? regards, Israel.
how to view Log from windows 2000 server
Dear Support, Pls help me, i have 10 license host clients, one of them (host clients) windows 2000 server, but like this following, log not show. Successful User Logons 0 Successful User Logoffs 0 Unsuccessful User Logons 0 Audit Logs Cleared 0 Audit Policy Changed 0 User Account Changes 0 Locked User Accounts 0 SceCli Group Policy 0 Thanks, Regards, susanto
EventLog Analyzer publishes Best Pratices Document
We have come out with Best Practises document. The document guides users to optimize the EventLog Analyzer performance by fine-tuning the Hardware requirements, configuration, and other parameters pertaining to their environment. Please refer the document at the URL given below: manageengine.adventnet.com/products/eventlog/ELA_Best_Practices_Guide.pdf
Audit Changes
It doesn't appear to be currently possible, but I would like to be able to track changes in ELA. The only changes I would want to see are when someone adds something and when someone deletes something. it looks like it already tracks login and logout info in ela and would be nice to have this extra bit for security.
Cant login
Hi i have problem in logging in to my sl account....where to look for help have been trying for the pass 2 hrs and nothing happend please help!
logs from windows 2008 server
When will ELA be able to collect logs from Windows 2008 server?
Get old data from servers
Hi, a customer got some problems with ELA server, ELA was offline almost 3 weeks. Is there a way ELA can get the data from the servers (logins, logouts, etc) that couldnt monitor for the last 3 weeks? Now the server is full online. Thanks
Next Page