Compliance Report
In the report area there's no FISMA Compliance Report. Is this a custom report or do your reference a existing report (SOX,PCI ??)
Log Collection Internal
Is there a way to change all the collection interval for all hosts in one step? -- cheers, g
control files
Hi all, I've a question, is possible check when a files is opened, closed and modify ? I've Solaris 10 and 9 Sparc servers I will install Eventlogs professional to windows system thanks for attention Best regards Alfredo
Creating reports, its possible?
Hi, I want to know if its possible to create the next reports: 1. Access to Prohibited folders (tries of..) ------------------------------------------------------ | Folder | Server | User | Tries ------------------------------------------------------ | C:\Financial | MXO2 | SSMITH | 5 ------------------------------------------------------ | D:\HR | MX01 | SSMITH | 3 ------------------------------------------------------ Create the report every week for example. 2. Failed login to domain (failed attempts)
Looking at buying Eventlog Analyzer but need more info
We're a College and are looking for the following kinds of reports. One of our VARS sugegsted we look at your product. After looking it over not clear we can get the type of reports we're looking for. Below are some examples. I'd like to see actual demo versions of these reports rather than a general statement it's possible(been burned too many times before) to not want to have eyeballs on it. Case 1: group of desktops that have their own policy lets say there are 70 machines in this group want to
Desired reporting features
Is it possible to do the following, or is it on your dev plans to be able to... -automatically generate reports to disk rather than mailing them out -automate the running and saving of event or trend reports -set up equivalent compliance reporting for aix hosts Thanks Rebekah
Start a collection
I have my monitor interval set at 60 minutes. Is there a way to force a scan of a server as needed if I don't want to wait for the normal interval?
minimum rights for windows account when adding new hosts
I need to know what minimum rights are needed for the login account which adds the new windows host into eventlog analyzer. Do they need to be domain admins, local system admins on the host? We would like to create a login name specific to this function so it can be shared across a group but do not want to give out any elevated rights not required. hope this makes sense. thanks, mark
Eventlog Stops Collect the Data
Dear Support team, I'm using the Evetlog for almost 2 months, during this period I noticed few times (almost twice a week) the Eventlog stop collecting the data from all of my servers reporting to it. I notice this by looking at "Last Message" received time on the "Host Detail" section, however when I look at "Syslog Viewer" I still saw the logs coming in from all servers. Usually I have to start and stop the service to get it back to service. I run EventLog Build Version : 4.0.3 ; Build Number :
syslog user login information
Hi Guys, Just general question. Does syslog collect user login success and failure information? Why my cisco router doesn't log these events? seems only windows does? any ideas? user
login reporting/alerting not working correcly for aix
I have recently installed this app in its trial mode However the top users report does not appear to work shows one row 'arded' only (a non existant user) with a number against it (probably the total) but cannot drill into the actual data - comes up empty - is there a way to fix this. Also the perdefined alert for failed logins doesnt work for aix unless you change the severity from notice to information. It would be better if the occurences criteria for alerts were per userid too Regards Rebekah
Windows Script Host Error
I have install the latest version of ELA on a server running Windows Server 2000. Memory installed is 768MB with 80GB HDD. This setup is for evaluation of 5 hosts to see the stability and ease of administration. OK now the issue i have is that the amount of physical memory is never enough. Its being consume mostly be java.exe, sysevtcol.exe and mysqld-nt.exe. Now my evaluation server is so slow i cannot even login. I also been getting a Windows Script Host error provided here. Script: C:\AdventNet\ME\EventLog\bin\configureODBC.vbs
Can i run eventlog and firewall analyzer on the same server
As subject, cn eventlog analyzer and firewall analyzer both be ran on the same server? Thanks Chris
Mail Server Setting
Hi there; From my system I can telnet to owa1.lasalle.edu.sg at port 25 and I even provided the authentication credentials as shown in the err1.jpg file. I am wondering why the error msg appears? I have tested it several times but to no avail. Any advice is appreciated. BTW I am on build 4030 recently installed for evaluation purpose in my work place. Thanks, YeeJH
Customizing / rebranding
Hi, Just testing Event log Analyzer4. Is there a way to change the logos in the reports so show my company logo and name and maybe also change the reports titles ?. Thanks Gus
Import Linux Logs
Is there a way to import old linux logs? I've got nearly 7 years worth I need to get into the software to decommission an older machine. Thanks!
ELA 5.0 Beta available (MSSQL db, Application logs support)
New Features and Enhancements of the upcoming release, Eventlog Analyzer 5.0 The general features available in this release include: * Support for importing and analyzing application specific logs (IIS web server and MSSQL database) * Support for MSSQL as EventLog Analyzer database * Support for Windows Vista Events * Support for customizing and scheduling predefined reports (including trend and top reports) * Framework for adding new compliance type * Support for customizing and scheduling compliance
Custom Report Lookup Event
Hi.. We own EA 4 and I am auditing EVENT 560 from our file server.. I have been doing this for about 1 month now and need to run a report so i can see who deleted a file.. How can I search within the whole date range instead out going page by page... There are 19000 pages to search.. not fun.. tks
Software quits working after license expiration?
We purchased ELA quite some time ago, probably July 2006. The license expired sometime in the last few months anyway. Now the software won't even bring up a login page, let alone do what we paid for it to do. Are you telling me that the software quits working when the license file expires? Why was the license described as being for "updates and maintenance" only then? It's not legal for you to disable the software due to an expired "updates and maintenance" license.
Error while unpacking
Attempted to install EventLog Analyzer 4, build 4030, on Windows XP Pro workstation. The installation gets to the point of "Unpacking Jar Files," then it results in the following severe error: "Error while unpacking" (see attached screenshot of error). I tried setting TEMP & TMP PATH variables at a command prompt, but this did not resolve the issue. How do I resolve this?
Low Disk Space Alert!
We have been getting feedbacks on the new "Low Disk Space Alert!" feature from few of the users of Build 4030 of EventLog Analyzer (especially on Windows 2003 installations). The most frequent complaint is that this alert is either intrusive or erroneous. Note: If you feel that the alert is neither intrusive nor erroneous, you can ignore it by clicking the OK button. In order to disable this alert, follow the below steps: 1. Stop the Eventlog Analyzer server/service. 2. Check the task manager for
admin Password Reset
Could you please send me the admin password reset Steps (AD Manager Plus)
Convert Archive to CSV
Is there a way once you have loaded an archive to export it to a csv file?
generating new alert profiles automatically
Hello, I need to generate new alert profiles automatically (from a tool I am developing). Please let me know how I can do it automatically instead of using new alert profile wizard. Is there any file my program can update to insert new profile programmatically? Thanks!
MAJOR SECURITY HOLE IN BUILD 4030
EventLog Analyzer build 4030 for Windows (and possibly Unix/Linux) ships with an alarming and glaringly obvious security hole. The mysql instance is configured by default to accept remote connections, and again, by default uses a username of "root" with a blank password. The implications of this should be fairly obvious to anyone reading this post, and SHOULD have been obvious to the Adventnet developers. Any attacker, having compromised a host with network access to the EventLog Analyzer host would
Firewall Analyzer Alerts
Hi -- We are evaluating FA and I am trying to configure alert.. Basically I want to be alerted by email anytime a Critical or Warning is sent from my Firewall to FA I cant't get this to work using the filter.. Help Dom
Issue with Custom Report from a Domain Controller
Good Day, I have created a series of custom reports for SOX Compliance for the servers that we have listed there. Everyone of them works perfectly with the exception of our domain controller...I will give you the steps i used and the results.. Go to the Reports Tab, clicked "Add New Report" Gave it the name Compliance Report 06 Selected compliance report from type Selected the server from Windows Group and clicked next Selected Daily the time to run and previous day for the top section Entered email
Custom Report
When creating a custom report and exporting out to PDF, it includes "important information" which was not requested. For example I do a custom report against the domain controllers for event id 627 (or security events with filter "change password attempt" I get the correct information under all events, however when i download the report I also get "important information". I just want a report on event id 627 or filter words "change password attempt"
Cannot move hosts to groups
I had all my hosts split into 4 groups. Suddenly all 4 groups are empty. The default group only has 1 host. When I go to assign hosts, only the host in the default group is available. And no hosts are listed in the "Selected for this Group" side.
NAS Support
If I install event log analyzer will it support keeping the data on a NAS drive? I understand if the device is seen as a drive letter will install but is there any kind of latency issues with writing the data over the ethernet network rather than a local disk drive? Is there any official documentation on this topic? Are there any limitations to messages per seconds for this applications?
cisco router syslog message delay or missing
just download free build version 4.0.3 test with our cisco router, checked config correct in my router and syslog send to EvenLogAnalyzer and Kiwi SyslogD, KiwiSyslogD show the message at once, but EvenLogAnalyzer few message show at once, mostly delay more then 5min to show in web gui and few was missing too. any idea ? thx kk
installation question
I have a VM server to use with this product. If I install the application on the C: drive how do I keep the data on my D: (San) drive?
Eventlog Analyser - Time Mismatch
Time Mismatch between 9 system(s) and the EventLog Analyzer server I'm running Eventlog Analyser trial. I'm using suse linux. I'm gathering logs from windows hosts using snare. When I happen to enter the server I receive this error: "Time Mismatch between 9 system(s) and the EventLog Analyzer server." But it seems that all the logs are where they should be, and the servers have their time clock sincronized. What should I do to get this error message out?
Cannot delete host created
I cannot delete a windows host I added to LogAnalyzer. I tried deleting it using the red X, I've also selected the host from the home page and hit the red X. It confirms the deletion. but if I go to another screen say like other hosts it is there again. I click on the home button and it is still there. I've tried loggin out after I deleted it and back in, still there. I've tried to delete everywhere I see it and then when I try to readd it says it still exists.
Cannot Delete Custom Report
Post subject: Cant delete custom report by "wchung " on Thu May 03, 2007 states an error while deleting a custom report, I'm having the exact same trouble. Below is the error , please help HTTP Status 500 - -------------------------------------------------------------------------------- type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception javax.servlet.ServletException: SQLException occured while retrieving
Custom Report by Event ID has unnecessary information
HI I need to generate reports for user logon/logoff information (both failure and success) and send auto-mails to designated persons. I'm generating a Custom Report using the following filters Event ID - 538 & 680. Deselected everything under Event Type / Event Severity Message Filters - I entered only the usernames for which I need the logon/logoff information Deselected everything under Filters for Syslog Hosts Scheduled the report to run Daily at a specified time to generate report for the last
Userenv event not showing username in event body
Hi Is it possible to show the user Column information with each Event. We have a specific need with the events Userenv (1506, 1511) in the application log, because they event body text doesn't show user information. Thanks /Jesper Graff
New build release
what is the timeline for the new build release? also, what are some of the new features?
Userenv event not showing username in event body
Hi Is it possible to show the user Column information with each Event. We have a specific need with the events Userenv (1506, 1511) in the application log, because they event body text doesn't show user information. Thanks /Jesper Graff
remote syslog-ng server exporting logs to EventLog Analyzer
I thought you could use Eventlog Analyzer with a log server aka syslog-ng that is hosted on another server? In addition I have having a hard time creating reports for Cisco Devices. Is there no pre-defined Cisco Reporting functions? Any Help would be great. Jaime T-Mobile
Next Page