Migrating Database to a new drive?
Are there any tutorials on migrating the database to a new drive? I plan on installing a larger (secondary) hard drive on our server and would like to move the ELA database over there. Does this require any uninstallation of the server? Thanks!
Introducing Version 2 APIs in EventLog Analyzer – Enhanced Capabilities & New Endpoints
We’re happy to announce the release of Version 2 APIs for EventLog Analyzer, now available with new endpoints, improved functionality, and expanded use cases. To help users get started faster, we’ve also published ready-to-use Postman collections with
You’re invited – ShieldNXG Workshop 2025 (USA) | Hands-on cybersecurity experience
Hello, We are delighted to invite you to our upcoming ShieldNXG Workshop 2025 – USA. This event is designed for IT experts and focuses on advancing identity management and strengthening cybersecurity practices. Guided by experienced IAM and SIEM specialists,
Feature Announcement: AI-powered Zia Insights is now available in EventLog Analyzer
We’re excited to introduce a powerful new addition to EventLog Analyzer that will redefine how your SOC investigates and responds to threats: Zia Insights, a contextual AI capability designed to deliver fast, meaningful, and actionable investigation support.
EventLog Analyzer abnormal
I use EventLog Analyzer. Now the following error is prompted; how do I handle it? The ES \ CachedRecord folder has exceeded its threshold limit. This will affect real-time log processing and alerting.
[ManageEngine] The One Seminar Your Security Team Shouldn't Miss
Hello, We’re pleased to invite you to our upcoming IAM and Cybersecurity Seminar in Auckland. This in-person session is designed for IT and security professionals looking to sharpen their identity and threat defence strategies. What to Expect: • Live
[Security update] Log360 Cloud Threat Analytics authentication
EventLog Analyzer customers using the Advanced Threat Analytics add-on with Log360 Cloud Threat Analytics are required to update to version 12550 or later for improved authentication security. The new version enhances security by introducing IP restriction,
[Announcement] Upcoming agent security enhancements
Hello everyone, We’re reaching out to inform you about an important update that may affect your current deployment of EventLog Analyzer. As part of our efforts to improve platform security and streamline support, we will be deprecating agent installation
Security advisory for remote code execution vulnerability (CVE-2022-1471) in ManageEngine EventLog Analyzer
Vulnerability details: Product name: EventLog Analyzer; Severity: Low; Affected software versions: 12523 and 12524; Fixed version: 12526; Fixed on: 23/12/2024
Enhancements and Fixes in EventLog Analyzer's new build!
The latest release in ManageEngine EventLog Analyzer includes important enhancements and fixes. Enhancement: The bundled PostgreSQL version has been upgraded to 14.12. Check out the full release notes here. Highlights from other recent EventLog Analyzer
Malwarebytes integration issue
I installed Malwarebytes and it discovered some malware and IP addresses which were marked as malicious. But when I go to ELA reports -> Threats -> Malwarebytes, it says "No report data found." Any way to show the data?
Eventlog Analyzer stopped showing Windows events
Our Eventlog Analyzer Server stopped displaying windows event logs. It stopped on the 15th last month, but we did not make any changes. We have agents installed on new windows domain attached system I created today, existing windows workstations/windows
Reset Logcollector
I am running Eventlog Analyzer 9.0. I am directing both the Archive and the Index to my D: drive but the eventlog.out file has filled my C: drive causing the error “Log Collection & Import has been Stopped. Increase Disk Space and Reset LogCollector to
EventLog Analyzer’s 2023 in Review
2023 has been a year of significant advancements and improvements for EventLog Analyzer. With a host of new features, enhancements, and fixes, EventLog Analyzer has fortified its capabilities, offering a more robust and efficient solution for log management
Command Line Audit
How do I audit Command Line through ELA?
How to calculate my current events per second?
How to calculate my current events per second?
Unable to read log from the newly added device.
Successfully added the Cisco device but unable to receive logs from it. What to do?
Log export problem
Hello, Yesterday (08/06/2023) we ran a log export on "EventLog Analyzer > Firewall VPN user Connected" but the results appear empty and no data reached us. We then checked the saved databases
Removing Workstations from Server Audit in AD Audit Plus
I just installed Log360 and it populated my workstations automatically. But it pulled a bunch of old disabled workstations from my Active Directory. I go to Server Audit and then Configured Servers and click Workstations. Here I try to delete any workstation
What should be the specs of my Windows host machine where I would install the EventLog Analyzer application and manage logs
Dear Team, what should be the specs of my Windows host machine where I would install the EventLog Analyzer application and manage logs? Below is the detail of my devices etc. I have an Oracle EBS Suite configured on a Linux machine. I have total 11 Devices: *
Help setting up alert to display Server Reboots?
I am trying to set up ManageEngine to send me an email alert when a server goes offline, and one when it comes back online. I have tried adding the following event IDs and restarted a server but it doesn't send the email through. The email alerts are set up fine though because we have a lot of other alerts set up. Could someone possibly share how they are currently getting the alerts to work when the server reboots? Event IDs I've tried: Event ID 6005 Event ID 6006 Event ID 6008 Event ID 6009 Event
Microsoft Sysmon logs
Dears, Does EventLog Analyzer support parsing Microsoft Sysmon logs that help in forensic investigation? I checked but couldn't find anything related to it. https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
Custom table style view for reports
Is it possible to create a table widget view for a custom report? If so, how can I do that?
ESXi and VCenter not showing Syslog events
I have added two ESXi hosts along with a vCenter server but no data shows in the Syslog events. ESXi and vCenter are configured to send logs to the Syslog server. I get an error when trying to verify login after adding vCenter through Settings | VM Management
Cannot remove a computer from the audit; the computer is not found in the event log.
ingest text files
I have enabled PowerShell logging and when it is executed, a file is dropped onto a network share. A folder is created for every day and the file name is the system.randomstring.datatimestamp.txt. The file contains system info, user data, starttime, and
My Event Log Analyzer is not collecting the syslogs
The port 514 is open, still the Meraki device is not getting integrated.
EventLog Analyzer No Longer Collecting Events
Has anyone experienced this same issue? There are no other details provided from the SIEM other than 'Internal Error'. This just randomly started happening a week ago and bombards our email account with 400 emails a day saying logs cannot be collected.
eventlog analyzer error on add Vcenter 7.0
Hi guys, I have upgraded vSphere vCenter to 7.0 version 16189207. After the upgrade, EventLog Analyzer cannot read logs. I tried to delete it and add it again; I deleted it successfully, BUT when I want to add it again and click to verify login, it shows me the error: ( Failed due to either wrong username and password (or) the server may be down! ) I used the administrator@vsphere.loca user and I am sure about the password, and the network connection is OK. EventLog Analyzer version: 12050. How can I check the log for add device OR add vCenter
Eventlog Reader group and not full admin rights
I can't get Eventlog Analyzer to view remote computers without making the account with full admin rights. How do I make it so that it only has the minimum permissions? I tried adding the user to Event Log Readers, Distributed COM Users and Remote Management
build 12208
After upgrading to build 12208, connection error. Can't click on devices, nor anything else.
log4j
Hi there, I have seen and implemented the fix for AD Manager but I also need a fix for EventLog Analyzer and Elasticsearch/Log360 under the ManageEngine folder. Do you have the requirements for these?
Looking back at 2021 for EventLog Analyzer
Hello everyone, We are excited to share with you that our log management solution, EventLog Analyzer has had yet another great year. Apart from being named in the 2021 Gartner Magic Quadrant for SIEM, we've also built new features that can help better
Does the EventLog Analyzer contact the Domain Controller each night at a set time?
I have an odd error on my domain controller, originating from the ME Log analyzer PC each night at 10:00 PM. Each night the Domain Controller lists an error "A client made a DirSync LDAP request for a directory partition" Source: Microsoft-Windows-ActiveDirectory_DomainService
Powershell execution
Hello guys, I have a problem with PowerShell execution in workflow. For any script that I run, I receive the following error: Executed. C:\ManageEngine\EventLog : The term 'C:\ManageEngine\EventLog' is not recognized as the name of a cmdlet, function, script
Security Advisory - EventLog Analyzer versions 12200 and below.
We have addressed a recently discovered authentication bypass vulnerability affecting the REST API URLs in EventLog Analyzer. This article provides more information on the issue and how to resolve it. What is the issue? An authentication bypass vulnerability
Importing data from old ELA set up.
I had to reinstall ELA from scratch after a hard drive failure. I was able to copy most of the old install's file structure before the drive finally died. Is there any way to import the old data from those old directories?
Upgrade issues
I was advised by support that to fix a problem I needed to upgrade from build 12417 to 12158, and in my feeling that was the worst thing I ever did. As now I have 4 of my disturbed servers that are not online and in the Data Collection Status I see a
Syslog Devices are not forwarding logs to Eventlog Analyzer
Dear My Colleagues, I have EventLog Analyzer and I added several Red Hat servers but the logs are not collected and the syslog count is zero. I checked the syslogs.out file and I found this error [4744][UDPCollector::WSAGetOverlappedResult][Error]0X2738:A message
Microsoft-Windows-Eventlog : Audit events have been dropped by the transport. 0
What does this mean and should I be concerned about this? We have just installed the distributed version and I am new to EventLog Analyzer. I am also looking for some good online videos that show me how to use this and what is required to configure the