Import alllog from file NFS
Dear Support Team! I configure a shared file containing all the logs of other servers and now how to import all these logs into the files I formatted u01.log, u02.log, u03.log I want to choose *.log, so that later when I configure a new server it will
Permission to push Windows agent
When trying to install the Windows agent from the agents screen it's failing every time. I have a service account configured in ELA and on each server the use is a member of DCOM and Event Reader local groups and has the correct cimV2 namespace permissions.
failed upgrade
Hi, We have installed eventlog analyzer: Build Version :12.4.7 Build Number :12477 Service Pack :SP-12.4.7.7 Database :POSTGRES Build Date :Sep_12 Build Type :64bit Installation language :English In an attempt to upgrade the version to 12.5.0 the process
Eventlog Analyzer not starting
Eventlog Analyzer service cannot be started. When I tried to start the service it did not start "run.bat" because of EAService failure. See the below Log: Starting Server from location: C:\ManageEngine\EventLog Analyzer This copy is licensed to *****
Web interface not showing any data.
My client's ELA is currently suffer an unknow problem where collected data are not showing in the web interface, and it's showing " Some data are still being loaded by the search engine. Please wait for the process completion.". We rested the ELA once,
Problem with EventLog Analyzer License
My subcription to EventLog Analyzer finished on july the 30 2024. I renewed my license the week before the end of this subcription. I received my renewed license before the 30, but this license not working. Each time I try to renew EventLog Analyzer I
Eventlog Analyzer stopped showing Windows events
Our Eventlog Analyzer Server stopped displaying windows event logs. It stopped on the 15th last month, but we did not make any changes. We have agents installed on new windows domain attached system I created today, existing windows workstations/windows
Eventlog Analyzer export to CSV really slow..
Hi, I'm sure I'am not the only who noticed this.. Basically I am trying to export a search result about login event that is made up of about 2 million rows. Based on progress I see it should takes few hours to complete. How can it be so slow? Is there
Reset Logcollector
I am running Eventlog Analyer 9.0. I am directing both the Archive and the Index to my D: drive but the eventlog.out file has filled my C: drive causing the error “Log Collection & Import has been Stopped. Increase Disk Space and Reset LogCollector to
Heavy Disk Usage
Hello there, We are facing problems with a huge disk usage of Log360. It's at the same machine with Eventlog Analyzer. Host machine is Windows server. We are looking for a way to purge the data or shrink it or ... . No helpful option in general setting
ELA having more than 20 ms
ESX PROD My ELA server is very slow and I am trying to understand why.
Unable to read log from the newly added device.
Successfully added the Cisco device but unable to receive logs from it. What to do?
Problème export logs
Bonjour, Nous avons effectué hier (08/06/2023) un export des logs sur "EventLog Analyzer > Firewall VPN user Connected" mais les résultats nous apparaissent vides et aucune donnée ne nous est parvenue. Nous avons ensuite vérifié les bases enregistrées
Testing SMS via HTTP (to SendQuick - formally Talariax) in ELA encountered error
Hi My SMS provider is SendQuick (formally name TalariaX). In ELA , my configuration , under System Settings \ Notification Settings \ SMS Settings : a) SMS Provider : wwwwwwwwwwwSMS Service Provider b) Service Type : HTTP c) HTTP(S) Method : Post d) HTTP(S)
My EventLog Analyzer often failed
Hello. I have virtual Ubuntu 22.04 (ESXI). I installed EventLog Analyzer Server and ran it. The first-time server doesn't install like the service, but after manual installation, all went well. I run the service and logged in through my browser correctly.
Moving Eventlog Directory to another partition
Hello. I need some help or guidance on moving the eventlog analyzer. I already did but can't start the service it says: DAEService in the wrapper log and file not found on the serverout log. BTW, is just another partition, it's in the same server. Already
ESXi and VCenter not showing Syslog events
I have added two ESXi Hosts along with a VCenter server but no data shows on the Syslog events. ESXi and VCenter configured to send logs to the Syslog server. Get an error when trying to verifying Login after adding VCenter through Settings | VM Management
EventLog Analyzer: Log Receiver status of server is fail How can I fix them
Hi everyone, I have a problem, I found that Eventlog Analyzer didn't collect log from my server. So, I tried to fix the problem and found status of server was failed in Log receiver page. At first I fixed this problem by restarting Eventlog server,
No se puede eliminar un equipo del audit, el equipo no se encuentra en el eventlog.
My Event Log Analyzer is not collecting the syslogs
The Port 514 is Open, still the meraki device is not getting integrated
EventLog Analyzer No Longer Collecting Events
Has anyone experienced this same issue? There are no other details provided from the SIEM other than 'Internal Error'. This just randomly started happening a week ago and bombards our email account with 400 emails a day saying logs cannot be collected.
ManageEngine service not starting on "Managed Server"
Hello, We have 1 admin server set up as well as 1 managed server. I have the license successfully uploaded into the admin server. Build 12.2.0 The two issues we are having are: On the admin server, all of the tabs except Dashboard and Support are grayed
Issues with product After build 12217
Hello. After build 12217 we have been facing some issues with the product. 1: Incidents evidences or notes generated before applying the update were gone, just the incident empty. 2: Failed Attempts to synchronize with Advanced Threat Analytics. 3:
DAE Service does not start
Hello, I am using 12120 version. After about 2 weeks I saw no any messages during the last day. Messages are delivered correctly due to I saw Log Analyzer. I saw error - "Cached record limit exceeded. Kindly do the needful". I did everything regarding - https://pitstop.manageengine.com/portal/community/topic/es-cachedrecord-has-crossed-its-threshold-limit So I added more memory into these 2 configuration files and stop service via /etc/init.d/eventloganalyzer stop. Now I cannot run the DAEService
eventlog analyzer\server\tmp folder has millions of files
I was looking at where space was being taken up, and found that this folder has 23 million files and consuming 180GB. What is the purpose of this folder and can I simply delete these files?
CSV/PDF export not working
Hello, after updating from build no. 12158 to 12163, this feature (CSV/PDF export) does not work anymore, the error says: "Failed to raise the export request." This is in the "Alerts" tab.
Upgrade issues
I was advised by support that to fix a problem I needed to upgrade from build 12417 to 12158, and in my feeling that was the worst thing I ever did. As now I have 4 of my disturbed servers that are not online and in the Data Collection Status i see a
Syslog Devices are not forwarding logs to Eventlog Analyzer
Dear My Colleagues I have Eventlog analyzers and I added several Redhat servers but the logs are not collected and syslog count is zero . I check the syslogs.out file and I found this error [4744][UDPCollector::WSAGetOverlappedResult][Error]0X2738:A message
Installtion
Hi All, Recently I installed Event Log analyzer and noticed that some other products also installed Log 360, AD audit do we need Log 360 for event log analyzer to work, because Log 360 requires additional license please advise
Problem while starting database
Dear ManageEngine support team, Good morning. I'm installing EventLog Analyzer on Centos 8.1 . But I have trouble when start service. After installation successfully, I run command : run.sh but have trouble: " Problem while starting database. Please check pgsql/data/pg_log/ for more details. Problem while Starting Server System halted " Please refer the image below. Please help me to fix it. Thank you!
File- \\...\ManageEngine\EventLog\logs\serverout_DATE ...writing HUGE files (60GB+)
We have a log file (serverout_Date.txt) in our \eventlog\logs\ folder that is suspending server operations because it is filling the hard drive with huge amount of repeating errors. Is there a patch or fix for this?
Add cybeoam or sophos device to eventlog analyzer
Hey Guys! I've added a cyberoam firewall device to EventLog Analyzer according to instruction on online help. Now syslog messages is being received but rhere is no report on Sophos reports tab. All i get is raw syslogs on unix/linux section. I want reports on allowed or denied traffic not just syslogs! Has anyone succeeded to do so?
EventLog Analyzer 32-bit agent
Hi, I tried to install the agents on Windows 32-bit but the installation failed because the agent specified for 64-bit. Any way to install the agent on 32-bit?
Agent Stopped
Hi, I'm wondering why the agents become "stopped" in eventlog analyzer. Although I strat it many times.
EventLog Analyzer and AppLocker
Hi everyone, I have a trouble with setting up Windows Event Log Reports. I need to see AppLocker/EXE and DLL and AppLocker/MSI and Script events in Application Whitelisting. But when I created new registry keys "Microsoft-Windows-AppLocker/EXE and DLL" and "Microsoft-Windows-AppLocker/MSI and Script" in "HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Service > eventlog" using this manual - https://www.manageengine.com/products/eventlog/help/StandaloneManagedServer-UserGuide/EventLogAnalyzerReports/configuring-out-of-the-box-reports.html ,
Add Weblogic app to eventlog analyzer applications
Hi there. I was wondering if I can add Weblogic app to eventlog analyzer applications. I already tried to use another application and choose Oracle application but that's didn't work. Thank you
Error: unable to process update Request in Configure "Event Source File"
Hi, My lab Contain these objects: 1. Server 2016 2. Event log analyzer Version 12.0.5 (created in virtual machine on vmware 6.5) 3. Ethernet network with some switches and vlans 4. Target servers created in Vmware 6.5 u2 as virtual machine When I want to added some devices (for example windows 10, server 2016, Cyberoam UTM) to event log analyzer and I am going to configure "Event Source File" for them from this path: Settings → configuration → manage device→ windows device→
Switch log time and mail alarm content time do not match
when I manually close a port on the switch, the log generated is as follows 【Nov 28 2019 10:05:03+08:00 HK_1F_M01_D16_HW5720 %%01IFNET/4/IF_STATE(l)[0]:Interface Vlanif15 has turned into UP state.】 However, in the "eventlog analyzer", it is shown as follows! Time does not match. How to set it? Thank you very much.
Eventlog Analyzer not starting
Eventlog Analyzer service cannot be started, Hard disc space was full then I have expanded the space. When I tried to start the service it did not start "run.bat" because of DAEService failure. See the below Log: Starting Server from location: C:\ManageEngine\EventLog Analyzer This copy is licensed to ***** Modules already Populated Persistence [ LOADED ] SQNS [ LOADED ] Audit
ES\CachedRecord has crossed its threshold limit
I'm having issue that Logs are not proceed and getting alert "Cached record limit exceeded. Kindly do the needful." i'm using latest version 12115
Next Page