Log Monitoring
I've have ELA collecting logs from a bunch of UNIX hosts. Is there a way to set up an alert if I am no longer receiving those logs? I'm trying to do is get an alert that tells me a server is removed from service, for whatever reason, or that ELA is no longer receiving logs from a certain host..
User Based Report
Good afternoon. When I click on any of the three user activity reports and try to edit the hosts, I am unable to do so. When I click in the box to type in the host name, it doesn't work -- it is almost like it is greyed out and unable to be used. Additionally, there are no available users to select from on any of the reports. Running build version 10, build number 10001. Accessing via IE11. License Type - Premium Thanks in advance for your help.
Security Event log not importing correctly
I'm not sure exactly but when I try to import a security event log the settings section under 'Report Type' just continually shows 'in progress' and every few seconds the screen refreshes but it never seems to finish importing the file. Have left it running for a good 20 minutes and it's only a 9mb file so would have thought it would be fairly instant. Also the import time field is unpopulated. I have tried running searches for event ID's which I know exist but get no results which would suggest
import log from wan network device ...ip valid ....
hi Does the manage engine event log analyzer software , in part of << remote import log >> , import log from out of local network? host ip is valid. thanks masoud
Use MSSQL database for ELA
Hi, In order to consolidate our databases, we need to use our MSSQL server and not built in pgsql. Could you give me the steps to do that ? Thanks you. TI team
cant remote import log of local network host
hi i want remote import log of apache web server .. But after entering the specifications, in the "select remote file" field , this eroor showes : ::::::::::::: Failed due to either wrong username and password (or) the server may be down! :::::::::::::::::: I am sure I have the correct username & password. please help me. thanks masoud
ManageEngine EventLog Analyser port 514 not opened.
Hello, I have a strange problem. I installed the latest version of ManageEngine EventLog Analyser: Build Version :10.7 Build Number : 10073 Service Pack : - Database :POSTGRES Build Date : Nov_18 Build Type : 64bit However the port UDP 514 is not opened. By default the syslog server should listen to that port. How can I open it? I am successfully receiving logs from windows machines but not from linux machine. netstat -na gives me that the port 514 is not listening. UDP 0.0.0.0:513
can not set log alert apache in manage engine event log
hi all i can not set alert for apache host ... I am faced with an error. error massage ::::::> ..... Message : com.adventnet.sa.server.nf.NotificationManager.addProfile(Ljava/lang/Long;)V Stack Trace : Stack Trace is not available. please help me thanks
Objet mail rapport
Bonjour, Nous rencontrons des difficultés à modifier les objets de mails envoyés pour les rapports. Actuellement, l'objet du mail des rapports générés est : "EventLog Analyzer Reports - $NomsduRapport". Nous voudrions changer cet objet avec juste le nom du collecteur ayant généré le rapport. Avez-vous une procédure pour cela? Cordialement, Alexandra
web server analyze in manage engine event log analyzer
hi all how to analyze web server logs ...for example apache , .... in manage engine event log analyzer. please help. thanks masoud
Major Service Interuption
It was unfortunate that we were taken down by an unprecedented storm early today and the locality of our offices are flooded, that we could not resume to work. However we will look in to your requests with highest priority and will get back to you at the earliest. Thank you for your understanding. - Eventlog Analyzer Support
Track event ID occurrances per user per minute
Is there a possibility to create an alert that will notify me if same user delete 10 files or more in one minute? File monitoring is up’n’ready, but if I create alert on event ID 4659 (Object deleted) it will notify me based on occurrences of event ID. I need to track if any user on domain deletes more than 10 files per minute.
Report Alert
Hi, I would like to get one automatic report with Login of autentication of all user of my domain. I did one but I can see the user system (PC16$,SYSTEM,DWM-2,DWM-1,DWM-3), I want only the user What Can I do to get this relatorio by email with this information?
SQLServer DDL Auditing Report empty
I am testing Eventlog Analyzer 10.7. I have setup Audit object and Audit specification for the MSSQL server I'm trying to monitor as instructed by ManageEngine's documentation. Unfortunately, the SQLServer Reports do not compile ("no data available" it says). On my SQL server I have created databases and tables, dropped databases and tables, changed tables--but nothing shows up in the Eventlog Analyzer reports. I see events in the Application Log on the server and if I do a custom search in Eventlog
Hyper-V log are not collected
I have hyper-V server 2012 R2 with Hyper-V log enabled, but I can't see them in ELA. What am I missing?
Can't login into Eventlog Analyzer Application
Hello Team, I currently experiencing problems logging into the EventLog Analyzer application. The login screen is continuously shaking thus i can't enter my login credentials. Please help. Jesse
Alert - same ID, same User - number of occurrences
Is there a possibility to create an alert that will notify me if same user delete 10 files or more in one minute? File monitoring is up’n’ready, but if I create alert on event ID 4659 (Object deleted) it will notify me based on occurrences of event ID. I need to track if any user on domain deletes more than 10 files per minute.
No events for Linux and Solaris
I am evaluating EventLog Analyzer (ver 10) for possible purchase. I have added 1 windows box (2012), 1 Solaris (10) and 1 RedHat Enterprise Linux (6.4) as a test. All 3 boxes are streaming their logs to the analyzer and the traffic shows up in the syslog viewer. However only the windows events show up in the dashboard and host counters. I manually generated some events (Linux and Solaris) such as "su" I see the "su" event show up on the syslog window but nothing ever populates anywhere else. Can
How to analyze Checkpoint firewall with ELA
Hi all, I need to configure ELA to analyze Checkpoint firewall (Gaia OS) Which is the best way to do this? I need to import firewall logs into ELA server or is there a better solution? Best regards, SL
Access Denied to Windows 10 computer
I have gone through all the steps indicated to fix "Access Denied" with no success. The system denying access is a Windows 10 Pro 32 that was upgraded from Windows 7 Pro 32. Is this a common issue or are there known fixes?
Manage Engine Log Analyzer Log Collection issue
Hi i have a manage engine log analyzer installed. problem I am facing is that I was unable to pick hosts and if hosts are manually added then it doesn't collect any events in dashboard. It keeps scanning but doesn't show anything until I import logs of some other machine in to the software. I was unable to understand this behavior plz help
Unable to delete a host
Hi I've tried several times to delete a host in EventLog Analyser, but the hosts still remain. Restarted server, service, etc, still unable to remove. Has anyone come across this and, if so, have a solution? Cheers
Forward logs to another log server (real time)
Hi, I need to know dose the EventLog Analyzer has the capability of forwarding logs to another Logserver in real time. Thanks,
get log of wm & esx server
hi i have a esx server and i want esx server logs and send to manage engine event log analyzer. what should i do? thanks masoud
mikrotik log analyze
hi all I am using the software manage engine log analyzer, Despite the router configuration router, but not send any logs for Syslog server. why??? please help me. Thanks & Regards Masoud
Perpetual Licence
Is there a Perpetual licence for EventLog Analyzer or subscription model is only deployment option?
Not able to display the login page of Eventlog Analyzer
ELA Web page is no longer displaying. It was working fine and configured fully. I did find a similar thread on the forums with no resolution though. ELA is still collecting (I can see the logs building). Service starts correctly with no noticeable errors. With a netstat command I can't even see the server listening on port 8400.
Forwad logs to another log server in realtime
Hi, I need to know dose EvetLog Analyzer has the capability of forwarding logs to another log server in real time. Thanks,
Emails from Alerts and Reports
I can setup email and utilize the test button, and receive an email. I never receive an email when an alert or a report is generated. Any ideas on how to troubleshoot?
Why \ManageEngine\EventLog\Data folder size is very big ? And how to reduce this folder to make sure enough space to keep log ?
Hi All Why \ManageEngine\EventLog\Data folder size is very big It more than Index folder,and what type file store in this folder? How to reduce this folder to make sure enough space to keep log ? below is our ELA information Our ELA server collect 50 syslog device and 40 windows server. Build Version : 9.0 Build Number : 9002 DataBase : MSSQL Build Date : Jun_03 Build Type : 64bit Language of Installation : Engilsh
We are unable to login to Eventlog analyzer http://localhost:8400.
Am new to Eventlog analyzer we have default credentials. to enter in to http://server:8400 we are unable to login. so we tried to login locally in the server http://localhost:8400/ but still it wont allowing us to login to web portal. i tried with the restarting the service but no luck.
Load Archive
I am trying to restore an archived file. The file size is 21MB. I have ticked the check box and clicked on the load and search, but it has been on the loading status for the past 12hr. Dose it take a very long time to load archives if not what is the producer to troubleshoot the course.
tlsv1.2
Is there a way to enable TLSv1.2 in EventLog Analyzer
Hyper-V 2012 Virtual with 2 Terra
I have a hype-V virtual with server 2012 standard R2 and 2 terabyte drive, Eventlog analyzer reports that the drive has less tha 2 GB and 3 Gb used
Exclude file/folders with spaces in path name
Hello group, I have search the site and knowledge base and trying to work with support as we speak. Figured I would reach out here as well. I'm evaluating the Eventlog Analyzer and during this test I've run into a problem with File monitoring. I'm monitoring a directory with a space in the path. This works fine but I would like to add to sub folders to be excluded. Trying to use the exclude file/folder feature, I've added the two full paths to it. The feature doesn't work if I have more than
Default Listening Port 513 has already been occupied . So add a new port to listen for event logs.
Hello, I have edited runSEC.sh, restarted ELA and it will not listen on 514 like I would like it to. It still shows trying to listen on UDP 513. This is installed on a fresh install of Ubuntu 14.04.1 LTS running in VMWare. Below are the netstat results while the ELA service is running and the output of the runSEC.sh file. server:/var/log$ sudo netstat -anp -pudp Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program
Not seeing any data past 1 month?
Hello! I am new to EventlogAnalyser (kinda thrown into it) and I am trying to figure out how to use it. When I am trying to look for data for the last 6 months I am only seeing the last 30 days. Is there a setting that I am missing? James
Access to archive of a deleted host
Hi, I have deleted an obsolete windows host in ELA. Its archived logs are still there in ELA\archive, I would like to access them to seek for an old log entry. The problem is, the host isn't displayed anymore in Settings\Archive\Archived Files so I can't select the archive file. I tried recreating a dummy host with the same name but to no avail. What is the proper process to access to these archived logs?
File monitoring not show user, process name and domain
Hi all, I've added file monitoring, but the log doesn't show the Username, process and domain as picture blow what's wrong with my configuration? although I check with enable setting and solution? Thanks and best regard, Kongkea!
Event log Analyser NPS server role log support
Dears does the Event log Analyzer supports logs from Microsoft NPS server role?
Next Page