2 problems and 1 question
I am running build 4002 on 2K3 with sp1. I have not encountered any problems with the SQL problem mentioned, but I am unable to get any syslog activity from Cisco devices to appear. I have the cisco devices configured correctly (I verified by changing the logging server to a box running kiwi), but nothing shows up in analyzer. Also, we purchased an 'unlimited' license, but the 'upgrade license' page shows a 50 device max? For the question, we purchased event log analyzer, wifi manager, fw analyzer
I can't get log from syslog server
Hi I installed EventLog Analyzer under win XP, I want get logs from syslog server under FC3, but I can't. In my Syslog server I get logs from Cisco Routers, but when I change /etc/services to port 513 UDP, my syslog server stop receive logs. then I can get the local logs form the server linux in my Eventlog Analyzer server. Can Eventlog Analyzer run under port 514 UDP? What Can I Do? Maybe in add host, I can add the routers cisco. Best regards
LOG INFO
Hi, This is an event of a client login found in my log "SysEvent.Evt" from my Server, with this hex number: {92A10540-5A35-4FF3-B25B-13B82B8286ED} dose this hex number contain info about a Specific computers IP address or NIC info and is there a reader to decipher this hex address. THX for any help you can provide Mark Here is the entire event: BROWSER MMSERV \\EMAIL01 \Device\NetBT_Tcpip_{92A10540-5A35-4FF3-B25B-13B82B8286ED} LfLe Print MMSERV ActiveTouch Document Loader/user1/Session 1 LfLe
Problem connecting to server
Hi Team, I have installed the application on a machine.Sometimes a server being monitored shows Problem connecting to server with a orange coloured circle with white dot in it.At other times the same server is well monitored and logs are collected well from it.Why is this happening?Please help. Thanks & Regards Laxmikant S G
EventLog on Win2K3 SP1
I managed to get EL Analyzer to work on Linux and to collect log. Sadly it does not work properly with Windows remote system - using an EventLog->syslog converter works but it not ideal. So, I installed the Windows version on Windows 2003 SP1 instead. But there I can't get *anything* to work! Host discovery worked, I verify that login is successful using an admin enabled account. I can't get any event logs from the remote Windows systems (all 2003 themselves with firewall NOT enabled). Then I tried
How to customise the Banner of the Eventlog Analyzer
Hi Support Team, I want to customise the Banner of the EventLog Analyzer UI.Please tell me how this can be done. Regards Laxmikant S G
Idle timeout value of Eventloganalyzer UI
Hi What is the Idle timeout value of the Eventloanalyzer UI.Is it configurable?If yes,how? thanks & regards Laxmikant S G
Wrong IP address of server
In the settings tab under host details the IP address of the EventLog Server is wrong. How do I get the IP address to change to the correct IP address. Thanks.
question regarding size of event logs
Question - can multiple scans be going on with different servers? Say server 1, 2, and 3 all have 10 minute intervals. Is that ok? Question - what is the typical speed (number of events/second scanned) that the product can handle? Is there an issue with a scan frequency being every 5 minutes and the scan taken longer than 5 minutes? I have a 1Gb network between servers - I would think it not a problem. I have been messing with the size of the event log - they were set at 1024bytes/rotating, but that
Stange IP addresses for EventLog Analyzer
Hello, We are currently testing EventLog and Firewall Analyzer. FW is going very well and was easy to get to run. EventLog is giving me a lot of problems. The server is running Redhat Enterprise Linux, and FW and EventLog are co-hosted on the same machine - it's a very powerful system. I cannot seem to receive any event log from the client systems. One is another Linux system, with syslog.conf and /etc/services configured as per the documentation. The other is a Windows system running Snare, a tool
Change Hostname
How can i change the hostname of one node in particular? updating a record in some table maybe? Thanks
The RPC server is unavailable.
I'm getting this on some machines and tryed everything with making sure the services is running and stuff. Any suggestions on what maybe causing this or any Logs to lookup where I may learn more.
HOST name change suggestion
A suggestion that should solve my problem and maybe avoid a major software change on your side without the ability to change HOST names. Should be called DEVICE NAME not HOST. Why don't you just add a field to the database called DEVICE KNOWN AS or something and make it the same as the HOST name by default and allow us to change that field. Then anywhere you have the field HOST name use the DEVICE KNOWN AS NAME and that way you don't have to make major changes by allowing us to change the host name??
Global "Search" in the product
It doesn't appear the SEARCH function is searching everything. For example, I had an item that had a PORT address in it. For Example 192.168.10.21:1234 When I searched for :1234 I received nothing back in the search. I'm I incorrect in thinking it should find ANY TEXT in the log??
"Problem Connecting to Server"
Hi, I'm currently evaluating your product. I'm having some trouble making it work with all the server i've tested. I tested it on 4 server right now: 2 DC (win2k) 2 member (win2k) DC 1 : problem connecting to server (orange circle with white square) DC 2 : problem connecting to server (orange status) but read some log data (application one) member 1 : no problems member 2 : no data, no message, icon "green" I've use the same accounts for all those machine (diff�rent administrators account) Login
Alert Profile
On the "Select Host/Group" we need the ability to have ANY as a vaild option Since we have several group and what to report on the EVENT regardless of the GROUP its in we need the ability to select ANY host/group. Current we created 9 different ALERTS for the SAME item because we have 9 different groups. This is crazy. PLEASE add ANY or allow us to SELECT multiable GROUPS. Thanks
Customise Predefined Alert Profile
I wish to edit the Predefined Alert Profiles: I can't add an Alert an a specified Event ID using a Custom Alert Profile, it would be nice if I could add my own. Is it possible to tweak this by editing the Predefined Alert Profiles? I also noticed that it is not possible to change an Alert once it has been added, this is not very practical.
Controlling amount of event log information download via WAN
Are there any way to control the amount of data download from remote server over the WAN in case it will jam up the network ? KL
error on start
On starting eventlog manager I get a message saying unclean shutdown and then an VBS error message ( screen dump provided). This also seams to be effecting Opmanager (installed on same box) as in the polling stops. Have not noticed any effect with application manager (again installed on same box) yet.
Other Windows Log Files
We have some windows servers (Windows 2000 and 2003) with several Logfiles that are stored in the Filesystem (e.g. d:\logfiles\app1.log). How can we catch those messages? Is there a way to add these logfiles to the windows event log? how? Are there free tools? Thanks
Time Bound Limitations?
Why does it say that the trial will expire in 29 days when the website inidicates that the "free" version does not have any time limitations?
shedule built-in reports for email delivery
I would like to schedule some of the built-in reports that audit login info, critcal error's, ext to be sent via email on a daily basis. It seems that as though I can schdule my created reports, I can not schedule the ones that are pre-defined and built into the application. This is a larger deal because of the extremly limited ability to customize when creating new reports. Seems to me with out these 2 functions, eventlog analyzer is not living to its full potential If anyone has found solutions
application performance
viweing reports / events. The wait can be exptremly long 5+ minutes. Is there any tweaks to get this app to preform better? required win updates? patches ? configs ? ext. Love the app but desperate to get it to preform. Is currently running on a dell 1750 with 2Gb of ram on a gigabit network being accessed from the server itself.
Collecting Logon / Logoff into the AD domain
Hi All, I started to use the demo version of your tool and I'd like to use it to monitor users activities in the domain (logon / logoff). Is it possible to do it monitoring only the domain controllers security log? or do I need to add to the monitoring all network clients? Please let me know. Regards, Cristian
Other log files
Thanks for the help on the other quies today. This one is about getting log info from my linux box's. I can get the normal syslog info from it but I would like to get info from the other log files that are in /var/logs. These files are being put there by other apps on the linux box. Any help would be much appreciated.
Cisco switch
I have two Cisco Catalyst 3750 and two cisco 3750G-TS. I am wondering if I can get eventlog to read the syslogs from these boxes and if so how?
Need more Database Filter Options
Need ability in EventLog Analyzer to have more flexibility in defining database filters. Instead of just being able to filter on Application Warnings. I would like to be able to filter on specific event types that generat a lot of usless entries such as "Norton AntiVirus Application Scan could not open file: ...:, as an example.
A Few (Hopefully Simple) Questions - ELA
I've been using the demo version of ELA for a few weeks now. I'm impressed with the product I will say. I am having some trouble though taming the powerful beast Here are my questions: 1) Is there a way to filter out only specific event IDs along with a keyword? For example, I'd like to filter out all kerberos events on our DCs. (ID=672, 673, 676, etc.) 2) Is there a way to create or edit reports under the "Ask Me" section? For example, add "events in the last hour" to "time-based events. 3) What
Some clarification needed with syslog
Hi all, Continuing with the EventLog evaluation (on Linux) I came across two issues while creating new hosts: - Is there any way of creating a host which goes to the WindowsGroup? In my particular evaluation scenario, all our windows boxes have a syslog client and act as a Un*x system, but we'd like to have them in the WindowsGroup just to tailor their syslog messages accordingly while defining alerts. - Why the Eventlog Server needs to connect to the syslog daemons of the remote hosts? I'd thought
Alert definition: Regular expression supported?
Hi there, I'm evaluation Eventlog Analyzer on Linux and I'm wondering if in the alert definition section there is the possibility of using regular expressions in "Log message contains" field. In affirmative case, which ones are supported? Thx and regards, Josep
Being logged out
Hi, I have set up Eventlog Analyzer on a WinXP Pro workstation and have successfully accessed it from a few other workstations on the network. My problem is when I log on to it from any workstation other than the one it is installed on I keep getting logged out whenever I try to navigate when I log onto it from the local machine running it it is fine; For instance I have a laptop setup for testing purposes I can access the web page, log on but when I click on compliance reports or anything else I
Audit Active Directory Changes
Good Day, I have setup monitoring of my 3 Domain Controllers, but I cannot run any reports to view Access Changes, such as changes to user group access, etc. Is this possible? Thanks!
remote server
I am having monitoring server that are locad across slow wan links or vpn links. It appears the the event log tool fails at the login stage
MySQL Bug in Win 2003 SP1
Dear All, If EventLog Analyzer is installed on a "Windows 2003 with SP1" machine, you may face issues with EventLog Analyzer login. This is due to a bug that has been identified in MySQL, the details of this bug is available here. As of this moment MySQL AB has not released a patch for this issue. Work around is to use mysqld-debug.exe instead of mysqld-nt.exe. Please note,there is a 20% drop in performance by using mysqld-debug.exe over mysqld-nt.exe. So in the larger interest of our user community
ManageEngine� EventLog Analyzer 4 - Build 4002
Dear All, We are happy to announce the availability of ManageEngine� EventLog Analyzer 4 - Build 4002. The Feature Additions to this build are as follows : >> Global "Search" in the product. >> Desktop Tray Icon for Windows. >> Automatic web-client connection, using the default browser, once the server has been started. >> FTP Utility added in Support tab, to send the support information file. >> Supports event log analysis of : HP-UX, Cisco Switches and Routers. >> Compliance Alerts added in the
EventLog Analyzer 4 on Win2003 Sp1 (Some issues)
Hi! First of all, thank you for your helpful product and, as I've noticed in this forums, outstanding support and advices.... Our company is quite interested (my department in particular) in using your products - right now we are interested in EventLog Analyzer (ELA) and FireWall Analyzer. About 3 weeks ago I started using ELA on Win2000 Server Sp4 with 256 Ram (old test server, indeed) - and it worked like a charm, and I mean it. Perfect availability 24/7, pretty stable and fast (to make a final
Changing IP Address
Hi There, Is there any way to change the IP address of a server? I have a few that I've just moved, but I want to keep the current stats for. Cheers Tim
Daily system problems with Analyzer and OpManager
We have been 'attempting' to run EventLog Analyzer and OpManager on the same server. We have followed ALL the instructions in regards to the ports, system configurations, etc. Every morning we go to login to EventLog Analyzer - put in username/password. Error comes up: "Invalid loginname/password". 50% of the time, OpManager is down. We've also checked for ntsql-nt.exe and SysEvtCol.exe. What do we need to do to make sure we can login to EventLogAnalyzer, and not have to REBOOT every morning?
opmanager and event analiser
Is it possible to get event analyser and opmanager working on the same machine? If I get one going the other seems to stop!!!!
New Build
Hello: I have been reading posts with expected new features. When is new build (version) coming out?
Next Page