EventLog Analyzer 4 on Win2003 Sp1 (Some issues)
Hi! First of all, thank you for your helpful product and, as I've noticed in this forums, outstanding support and advices.... Our company is quite interested (my department in particular) in using your products - right now we are interested in EventLog Analyzer (ELA) and FireWall Analyzer. About 3 weeks ago I started using ELA on Win2000 Server Sp4 with 256 Ram (old test server, indeed) - and it worked like a charm, and I mean it. Perfect availability 24/7, pretty stable and fast (to make a final
Changing IP Address
Hi There, Is there any way to change the IP address of a server? I have a few that I've just moved, but I want to keep the current stats for. Cheers Tim
Daily system problems with Analyzer and OpManager
We have been 'attempting' to run EventLog Analyzer and OpManager on the same server. We have followed ALL the instructions in regards to the ports, system configurations, etc. Every morning we go to login to EventLog Analyzer - put in username/password. Error comes up: "Invalid loginname/password". 50% of the time, OpManager is down. We've also checked for ntsql-nt.exe and SysEvtCol.exe. What do we need to do to make sure we can login to EventLogAnalyzer, and not have to REBOOT every morning?
opmanager and event analiser
Is it possible to get event analyser and opmanager working on the same machine? If I get one going the other seems to stop!!!!
New Build
Hello: I have been reading posts with expected new features. When is new build (version) coming out?
Eventlog support double-byte windows event log ?
I did try this version , it doesn't support double-bytes event log. Which version will be supported double-bytes ? thx !!
MySql port 33335
Hello, I have install ELA on the same machine that I have OpManager but there seems to be some problem. Is it possible to have ELA and OpManager install ont he same server? ELA is giving an error stating "Unable to start MySQL server on port 33335. Please free the port" Since both OpManager and ELA uses MySQL, could this be a problem? Sheyee
Different component of EventLog Analyer
Hello! I have downloaded and installed your software. I have a few questions. 1) Since it's agentless, how does ELA pull the log files from servers? If script are used via WMI, what is the impact (high CPU usage, memory, etc) on the server that the logs are being pull from? Which server bear the burden on the workload? a) The server where ELA is installed b) The server where ELA is pull logs from 2) You mention port 513 is needed? Do I need to configure this on the Windows server? 3) I have tested
Host Groups display null
Help me!!.. My analyzer report nothing, cause i accidently i change the host group to similar name of Windowsgroup, pleas ehow to get back the info without readd back the host???
MS SQL server as database server
Hi, Are you planning to add possibility to use Microsoft SQL server as database engine in future realeases?
Host stuck in "Logging about to Start" status
I have just installed the EventLog Analyzer and I am having trouble connecting to two hosts. I can attach to the local host, but nothing else. I have confirmed the username and password. Please help. I hear GREAT! things about your products and this is the first time I have experienced any problems. Thanks for your help!
Eventlog Analyzer performance
Are there any tuning paramters available? It seems that report queries take an exceptionally long time to process - up to 2 minutes. For an HP DL380 G4 system running dual CPU / 2 GB Ram you would expect quicker response.. Also - all my custom generated reports that are sent out as PDF files via email fail to open with Acrobat reporting a file read error.. Any ideas?
Feature Request / Issues
Hello: We are evaluating EventLog Analyzer and so far we really liked the product. Few issues/feature we would like to request: 1) I cannot see any Database backup script in bin directory. It would be quite useful to have (similar to OpManager and ServiceDesk) which we can schedule it to our liking via windows scheduler. 2) It would be nice to have Archived Files to be saved over network drive (directly configurable) from EventLog Analyzer? 3) We find that Reports page in EventLog Analyzer comes
View event logs prior to EventLog Analyzer installation
Hello, I was wondering if it's possible to view /create reports prior to the date when EventLog Analyzer was installed. Currently I can view only from the date of installation, however I'd like to go a few days back. Your input is much appreciated. Daniel PS: Great program.
The "request Scan banner"
When I click "scan now" I see a green banner pop up and see "Scan Request Placed for server X" - where do I go and see that the scan is occurring? In other words - how the heck do I know it is scanning? I can see the events on the server, but "Next Scan On" and "Last Message On" show old old times. Also, after installing and uninstalling, I see an image of "report being generated" - like a machine running paper through something - it is a very quick image or something to that effect on the first
\n special character
Dear, I installed EventLog and OpManager on the same machine, but I found the EventLog displayed event message always with \n, below is an example Privileged object operation:\n\n\n\n Object Server: Eventlog\n\n\n\n Object Handle: 0\n\n\n\n Process ID: 260\n\n\n\n Primary User Name: SERVER01$\n\n\n\n Primary Domain: DOMAIN\n\n\n\n Primary Logon ID: (0x0,0x3E7)\n\n\n\n Client User Name: USER01\n\n\n\n Client Domain: DOMAIN\n\n\n\n Client Logon ID: (0x0,0xFE6767D5)\n\n\n\n Privileges: SeSecurityPrivilege\n\n
new patch for passwords that have a numeric zero
you mentioned on the phone that there was a patch to accommodate or handle passwords that have a numeric zero "0" as a part of the password. What is the status of that patch? thanks
how do enable EventLog listener port 513 on W2K
Howdy, question - the readme doc notes that EventLog listener is port 513. I have cports running and I do not see it. I have confirmed that I can access the server where the eventlogs are located thanks
graphs not showing warnings/errors
I have been able to successfully access several servers as part of the product test and it looks good. I see the "successes" and "informations", but I do not see anything thing else in the graph. Now, I can go to section immediately below the graphs and click on errors and warnings and see the detail. Why are not those showing in the graphs? thanks
Database Filters
Hello: Can you explain exact functionality of Database filters? The way I understand is that it will filter out events before they are stored in Database however it cannot filter incoming events, let me know exact operation. One issue, I faced was that when I created database filter for filtering out unwanted events and click on "apply" all the servers/devices showed "Orange" status and stopped collecting logs. I then deleted the filter and restarted the EventLog Service and then servers started
monitoring Log4J and Oracle trace files (text files)
Hi there, How would I monitor Log4J and Oracle trace files (text files) using the Eventlog Analyzer 4 product?
Share Database
Hello We have working stable version of OpManager running on server, is it possible to install EventLog analyzer, for trial, on same machine without any risk of breaking OpManager. What is safe proceedure so that database instances are separate (changes on EventLog analyzer side only) Thanks
syslog host question
Are all hosts that support syslog supported? For instance, can I point FreeBSD and m0n0wall machines to EventLogAnalyzer and have their logs analyzed and aggregated as well?
SOX Compliance Reports
For the SOX Compliance reports does anyone know the specific Windows Audit Policies required in order to get results?
added host but no data collected
added host but no data collected , why ?.
Can't log in
I've installed Eventlog Analyzer and got it up and running to test before purchasing. Although, I can't log in after some time has passed. I can initially log in as admin and it works fine for a while. But after a few hours if I try again it hangs at the login page after typing in username and password. I have to reboot the server or restart the service to get back up and running. Please let me know what to do. Thanks, Neil
howto view/modify settings database filter?
I cannot find any way the modify the settings of a database filter. Am I missing something? Regards.
Howto move a host from one group to another (existing) group
It seems that we cannot move a host from one host group to another existing host group. The only way is to create a new host group and put the host(s) into the new group... Or do I miss something?
Eventlog Analyzer won't start
I can't get Eventlog analyzer to start again. It starts fine upon reboot, then stops and will not restart. The dos window scrolls too fast for me to capture errors but I can see something about "in use by another program". Please let me know how I can fix this.
New Alert Profile with NO "Message Contains" data
I am trying to create an new profile that will email me with any error for any windows server no matter what the error is . Based on the Add Alert Profile screen I should not need to enter "Log message contains :" because "This is Optional." I am trying to set the LogType to Any, the Severity to Error, NO message text, with the event occurring 1 time in 1 minute. Anyone have any ideas?
Questions about EventLog Analyzer
Are there plans for any of the following: - A better user reporting system that has at least some level of intelligence. After evaluating the software I've the only determination I've come away with is that custom reports have no way to do context-based filtering on reports. For syslog, for example, you can only create a report based on the alert level(s) and facilities. For busy mail servers, this creates a report that is basically unusable. I would like to be able to filter the events in the reporting
windows 2003 server with firewall
I can get EventLog Analyzer working on a 2003 server without firewall running. But, if I try and access a server on the same domain with the firewall running it will not authenticate. The firewall log drops ICMP 106.
My server is also only retriving logs from local machine.
I setup Eventlog Analyzer today and so far I'm very impressed. However I can not get it to pull remote server logs even after confirming successful authentication. I noticed other people have this problem. Is there a common fix or do you need me to generate a log?
Administrator right necessary ?
Hi is it necessary that the user has administrator right ? can you tell me please which minimum right needs to run the analyzer. I cannot give admin right for the Analyzer user. Thx Guido
Can't get any log from sun box!
Dear support, We are testing event analyzer 4 build 4001, we can sucessfully get logs from Linux box, but can get nothing from SUN (solaris box). We followed the instruction, because the port 513 is occupied by WHO, so we use port 1514/udp for syslogd on the box by editing the /etc/services file and add the unix host (listen on port 1514/udp), restart the syslogd and alos the eventlog analyzer service, but we got nothing from the box, and we even tried on default syslogd port 514/udp, still got nothing,
unable to retrieve events if dcom is disabled on system
It seems that eventlog analyzer cannot collect the events from remote windows servers where dcom is disabled. I cannot find on the site if this is required or not. Can it work if dcom is disabled on remote systems?
Multiable Devices using a SysLog Server
I want to use Event Log Anay to monitor a syslog server. This syslog server gets reports from several remote sites and servers. Can this be done? We can setup the syslog server using a third party package but not sure if Event Log Analyzer will read it. Or is Event Log Analyzer a syslog server itself and we just need to send the alerts to it from these remote sites?? Please advise
Require WMI script to track all users login / logoff time
i find a WMI script that tracks the login time and logoff time for a computer my target is Local machine & W2K3 Active Directory; both script i requer can you please help me ! Thanks ashok
existing version of mysql
hi, i'm evaluating EventLog, and i need to able to run it on an existing version of mysql. how can i do this? i've tried changing the port in mysql-ds.xml to the port of the existing one. but when i start it up, it still tries to start up its own copy of mysql rather than using the existing one. --alex
syslogd and priorities
Hi It appear that the syslog prorities are not being mapped correctly See User User su: [ID 810491 auth.crit] 'su root' failed for username on /dev/pts/7 It's not even reflected in a failed login I am only seeing a level of warning being classified The are no errors, success, failure being classified How do I fix?
Next Page