User Accounts - More Control Needed.
Hi, It would be beneficial if we could allocate devices to specific users rather than a Guest or operator account. Members of our team only need to view the Syslogs from a few systems and not them all. Is there a way that this can be set? Also, is it in the pipeline to allow us to rebrand ELA the same way we can in Opmanager and Device Expert? cheers, RH
When the log collector stops?
When the log collector stops and you start it in the web... what is that link actually doing? I'd like to write a rule or create a script to try restarting it again, instead of it waiting for me to restart it again. Thanks, Aaron
Meeting Regulatory Compliance w/EventLog Analyzer
Hi All, EventLog Analyzer is a good product and their support is responsive. However, one area I am having difficulty addressing with the product is regulatory compliance for log integrity. Most regulations require that the integrity of logs be maintained. I was wondering if anyone could share how they are addressing this with EventLog Analyzer. Is anyone encrypting archive files and creating hashes on them to prevent tampering? Is anyone encrypting the database? Input would be greatly appreciated.
EventLog Analyzer 6 - Database filters don't work
Hi, I am testing the free version for EventLog v.6 after migrating trial version v5. The problem is that Database filters don't work for router host (syslog type). I mean, all events are being recorded in the database, so the database is too big for my purposes. Is it a bug in the program? The filter is “Drop the Logs containing : m=82,m=14 Match Any Match All”, and filter by “local 0, emergency, alert, critical and error”, but
Access Denied on Server 2008 box
Hi, I am having an issue where I get an access denied when connecting to the local machine that web analyzer is running on. I have tried connecting with no user name and password (because I am connecting localhost with no joy). I have run the wbemtest tool and can connect with no errors without using any login details. When I run the query Select * from Win32_NTLogEvent from the event logs are pulled in fine. However I still get access denied from the add host screen. Please help.
Terminal Services Logging
I purchased Eventlog Analyzer mostly for simple reporting and compliance options; however, I am not seeing any logon events around our Terminal Services sessions. This is the vast majority of our users and really is what we need the most auditing of. Is this possible with Eventlog Analyzer?
ManageEngine Announces the Availability of EventLog Analyzer 6.0 Beta Versions
The EventLog Analyzer team is happy to announce the Beta Release of the latest version 6.0. This release is yet another milestone with Enterprise Edition with distributed deployment setup for large enterprises. The Standalone version, packed with powerful features, is available. If you'd like to try the Beta Version of EventLog Analyzer 6.0 of Standalone and Enterprise Editions, please contact the support team at eventloganalyzer-support@manageengine.com. The support team will provide you the download
Manual import of SNARE Syslog Files
Do you support the manual import of Syslog files from a SNARE Agent?
Firewall onto Syslogs Server on Eventlog Analyzer v5.0
Hi, I have got ASA5510 Firewall / ISA 2004 and Kerio WinRoute Firewall. I have downloaded Eventlog Analyzer v5.0 Trial Version and installed it on 3 Virtual Servers. How do I get logs from all 3 Firewalls onto Syslogs Server on Eventlog Analyzer v5.0? Regards, Girish Jain
Syslog listening port (Linux)
When I run ELA on latest debian, it doesn't bind to 513 or 514 udp and instead binds to some random high port. I'm running it as root. Has anyone else experienced this?
after installing eventlog analyzer in windows 2003 (error)
Hello, I want to test an eventlog analyzer, maybe after that I'll buy it. I have a little problem with the software: 1. I am installing in windows 2003 enterprise - installation finished successfully 2. after install, GUI of event log analyzer is opening normally but when I am submitting login/password (admin/admin) nothing is opening, there is a white screen. (I checked that the windows service of eventlog is starting OK) 3. I have tested in Windows XP, there it was normal. Why? may be soft is not compatible with
ManageEngine® EventLog Analyzer 6 Released
ManageEngine® EventLog Analyzer 6 Released We are glad to announce the release of ManageEngine EventLog Analyzer 6 (GA) Distributed Edition and Standalone Edition. Download Distributed Edition Standalone Edition Read More What's new in this release? 6.0.0 - Build 6000 - Distributed Edition GA release of EventLog Analyzer Distributed Edition. New Features - Admin Server The general features available in this release include, Distribution Enterprise edition provides following view for all Managed
Report for Router logs
Hi All, I am trying to create a customer report for router logs using message filters. The message filters are for events such as %ASA-config-7, %ASA-config-5, %ASA-auth-6. I can see that these events are being logged but the report that is generated has no information at all and the report is empty. How do I go about getting this report to work? Kind Regards, Sobash
ELA Novell support
Hello, is it possible to monitor Novell Server Log with EventLog Analyzer? Best Regards
Http error when connecting to website
HTTP Status 404 - /event/index2.do -------------------------------------------------------------------------------- type Status report message /event/index2.do description The requested resource (/event/index2.do) is not available. -------------------------------------------------------------------------------- Apache Tomcat/5.0.28
Event Log Analyzer Database Filter Question
I am not sure of the proper use of the database filter in order to accomplish the following goal: filter out events with a source of Security, an Event ID of 576, and an Event Type of Success. Since the interface allows me to choose EITHER Event ID OR Event Type, it's not clear to me how I can accomplish this. Thanks for any insights.
Move ELA to a new machine
How do I move my current ELA to a new machine? I need to retain all my settings, logs etc... -Aaron
Now I use Cyberoam for firewall. Can ManageEngine 6.0 analyze its log?
100,000 email messages
We have eventlog analyzer 5. I had an alert that emailed me if a disk failed. Well, over the night a disk failed. In the morning I had over 100k emails. Well ok, I guess it was just passing on the message that I asked it to pass on. However this bottlenecked our exchange server and my mail box so they were basically unusable for hours until I could delete the mail and stop the event analyzer from sending the email. I see that there are settings for Number of occurrences and
SOX Compliance Reports from Linux Server
We are evaluating the ManageEngine EventLog Analyzer for SOX Compliance. Our financial system is on a Redhat Linux server and we have set the syslog up to transmit to the EventLog Analyzer. Data is flowing into the EventLog Analyzer, but is not appearing on any of the SOX Compliance reports. We note that the help section indicates that "These reports are derived based on the Event IDs.". Does this indicate that the SOX reports can only be generated from Windows servers or are there settings
Change file type on the email attachment
Is there a way to change the file type on the email attachments? I don't want the reports to come as .zip files, just plain PDFs.
Log File pattern
Hello, I have a question concerning log file importing at multiple intervals (daily, hourly,...): When I import an IIS W3C Web Server log file, and try to specify the Filename pattern for importing it every hour (log parameters specify an hourly creation of log files on the server) it does not work. The file name is like this, for example: ex09090310.log So I specified as pattern: exyyMMddhh.log but it does not download the file again (works only for the first import). Is it because this pattern
Change TCP Port
We have a logging server that already has TCP 514 in use. We would like to demo Event Log Analyzer on this same server but need to modify the listening port to something other than 514. Changing the port for the other logging software on the server is not an option at this time. Is there any way to configure Event Log Analyzer to use a different port?
Any timeline for a new version?
Compression rates question
Hi all, We're thinking of buying Event Log Analyser for a security conscious customer of ours. Does anyone know the following: 1) How good is the compression rate? We will be generating close to 150GB per week of Security Logs alone. 2) Is the data stored in a standard SQL or MySQL DB? We will need to backup data for historical purposes, however, this may well be over a slowish link (2MB), so compression of data at the source is again a factor. Thanks for any help, M.
Is there a search option available?
I would like to perform a search for a specific user. Is there a search option to find a specific user among the various reports and events? Scanning the logs is causing eye strain.
Report Creation Message
When I open the eventlog analyzer it hangs in "Report is being generated. Please wait" this has been happening for quite a while now
Schedule Report Problem
Dear ELA Support, I'm using Event Log Analyzer 5. I have a Schedule Report Problem. Schedule report generation only saves to local disk, it doesn't send mail. If possible, how do I configure it? Thank you! Alex
./configureAsService.sh ubuntu server 9.10
Hello, I'm trying to install EA on an ubuntu server 9.10 and ran into the following problem: The install script gives me an error that it cannot install EA as a service. I checked the log and get the following error in the instserviceerr.txt: .: 8: setcommonenv.sh: not found I modified line 8 in the script from . setcommonenv.sh to ./setcommonenv.sh And reran the script hklarsen@lnx-srv-02:/srv/AdventNet/ME/EventLog/bin$ sudo ./configureAsService.sh -i /srv/AdventNet/ME/EventLog Then
Disk Space / Large Database
Hi, I received the Low disk space warning this morning. It turns out my MySQL Database is nearly 90GB. Is there an easy way to reduce the size of this, or to move it to a bigger drive? Thanks
Reports are showing multiple events for the same event.
I am looking at the logon failure report from last Sunday. We have an ex-employee showing as trying to logon from outside the company with 96 individual failed login attempts. It appears that many of the failed logins are duplicate events based on the time of day shown. My question is, were there 96 individual separate login attempts? Can we customize the report to summarize the events to show only the original login? Any thoughts or suggestions you offer are much appreciated as we are 2 weeks into
Load increase
Hello, I am testing EventLog Analyser to do security log analysis and I am worried about load increase. I would like to know what is the maximum database's size and also how many syslog messages per second our software can process.
Log Collection
My company is considering the use of EventLog Analyzer to manage events from 100 servers on our global WAN. Do you have any documents that describe how the event logs are gathered, what we might do to conserve bandwidth to ensure our WAN links are not adversely affected by the event log data transfer?
Archive Cleanup
Hello, EventLog Analyzer (EVA) doesn't prompt how long to maintain archive data. This is a useful feature that exists in the sister product Firewall Analyzer. When will this be available for EVA?
Audit Logs Access Report
Hello, Can you tell me what type of events that would be recorded in the Audit Logs Access Report. Also, what do the following events mean: Audit Logs Cleared Audit Policy Changed The users manual does not give any real detail as to what one might expect to see in the audit logs. Any feedback you can provide is much appreciated.
Can I limit the number of email alerts sent?
I have set up an alert to indicate an unauthorized access to particular systems. The event triggered and all network admins received over 900 emails since the system was attempting to be hacked. Is there any way to limit the number of emails sent out when the same error condition is found over and over?
Archive period
Hi, How often does eventlog analyzer archive logs? In what periods? (daily, weekly, after certain number of records, etc) I need to get backup of daily collected logs from database directly. So, I think that logs are stored in comp_eventlog and eventlog tables. But there are also some other tables that begin with comp_eventlog and eventlog prefixes. So which one is the correct table to get backup of daily logs? And what is the purpose of other tables? I think somehow application uses other tables
Are there any Internal Audit people using EventLog Analyzer?
I would like to find out which reports were the most useful? What type of events would an audit person be most likely to be interested in? Any feedback is appreciated. D. Johnson Audit Supervisor Community First Credit Union of Florida
filter out service accounts
Would someone be able to tell me how to filter out service accounts? Also, is there an audit file to tell who has logged into the eventlog analyzer?
Is it possible to email report with CSV file (NOT PDF File)
Hi Raj Is it possible when we create a schedule we get the report in csv format and in pdf format ? Thanks