Repeated MySQL errors in eventlog form
Greetings, We are having an issue with our Windows Server 2003 R2 that is running our Eventlog Analyzer. We are seeing around forty errors an hour from MySQL in the application event log. The error is: Event Type: Error Event Source: MySQL Event Category: None Event ID: 100 Date: 2/17/2009 Time: 9:59:33 AM User: N/A Computer: ...APP3 Description: ../mysql/\bin\mysqld-nt: Incorrect information in file: '.\eventlog\comp_syslog_hr_trend_tmp.frm' For more information, see Help and Support Center at www
No data found, but data is collected
Hello My server with eventlog Analyzer 7 ran out of space, I expanded the drive and rebooted the server Data is being collected (if I push "last 10 events" I get events), but Error, Warning, Failure, Others, Total is all showing 0 Regards Dennis
High Availability Mode
Hi, Is there an edition to install ELA in High Availability setup? either using a load balancer or a cluster with SAN involved for storage. Regards,
Alert Suppression?
I have an alert setup to notify me everytime I get a message about a Rogue AP. The problem is that these notices are sent every minute. I only want notified ONCE, not every minute. Is there a way to configure Alerts such that once it sends out an alert on a specific log, it will ignore all future logs until alert is resolved? Thanks.
Alerts don't show any data
Hello, I have configured three hosts and collects logs fine. I have configured alerts to show some kind of events but they show nothing. I have followed the user manual but it doesnt work. I attach the support information file. Thank you.
Data Collected but Event Deatils says NO DATA FOUND
Hi Eventloganalyser appears to be working fine until I drill down into an event and get the error "No Data Found" Please assist. Many Thanks Brent
How to use Eventlog Analyzer to recive Events from IBM Storwize7000?
Hello, can you please answer me if I can use Eventlog Analyzer to gather events from IBM storage?
Event Log Analyzer Not working
A few days ago, log files filled the drive. I've extended the drive, however problems still persist. Currently the home page shows: HTTP Status 404 - /event/index2.do type Status report message /event/index2.do description The requested resource (/event/index2.do) is not available. Windows Application Event Log shows only one warning message: Can't open and lock time zone table: Table 'mysql.time_zone_leap_second' doesn't exist trying to live without them For more information, see Help and Support
Print Server logs
Hello, I found that user printed job with two pages and putted number of copies 2 in log should be shown 4 pages, but can see only two. Where is the problem or should I configure somewhere esle? Thank You!
Mail Server with STARTTLS Failed
My mail server use STARTTLS for connection security. I use eventloganalyzer_7.2, but i dont have success in order to send an email. I have not access to Internet from my ELA server. So gmail alternatives is impossible. I capture the packets between ELA and mail server and i got SMTP Error Code 502 Please anything about it, let me know Regards, Miguel Esnard
Reporting deleted objects
On my primary file server (Windows 2008 R2), I've enabled auditing on all file systems, from the root down, using "Everyone" with success/failure for deleted objects. This screenshot is one of the drives showing the auditing I've enabled: When I look at the Windows Event Logs, I indeed see when people are deleting files. Adding this file server to Eventlog Analyzer, when I run the canned Compliance (FISMA, HIPPA, etc) reports, there are reports for deleted objects, but when I run these reports against
Alert Module not responding
Dear We evaluate the EventLog Analyzer application, we set all the alerts you need. We have all the record, works perfect. When I enter the alert module to add a new configuration, not allowed to enter the screen goes blank when I enter the Alerts menu, why? How I can fix it Regards Marcelo Benitez
LDS vs. AD
Our parent company dictates our AD structure, and it's really pretty bad. We've implemented LDS to get around this for most of our projects. Is there a way to use LDS instead of AD for ELM? It would literally take us months to get permission to get new OUs created for admins and operators.
We can't see the log in the Home tab, but we can see the Syslog viewer - view raw packet.
Hi, We can't see the added device's log on the Home tab, but we can see the Syslog Viewer - View raw packets. We use the 7022 version. Device: Cisco's ASA-5585-X and N55-D160L3 Thank you in advance. Young-Suk ko
Events Not captured
I'm evaluating the EventLog product. While I can see that what it does report on, I like very much. However, I'm concerned that it does not seem to capture (or at least report) certain types of events from my "SYSTEM" logs on any of my servers Specifically speaking, the product correctly reports that I have DnsApi errors in my SYSTEM log, but it does not report on the multiple occurences of Netlogon, Mrxsub and print errors within the same portion of that log on that same server. Is this something
Home Tab -> Device Status = "Problem Conecting to Server"
My system: ELA build 7022 sp 7.3 evaluation copy expire on 10 days SO CentOS 6.2 2 GB RAM 20 GB HDD I can see the log packets on syslog viewer this is OK, but the device status on home tab is Problem Conecting to Server. Another problem is Server Status - Failed on the icon show listen port details. Some question in order understand better: 1. Eventlog analyzer start any sesion with the remote hosts? Whitch ports? 2. I cant see the process SysEvtCol running. It must be running? How i can find out?
Problem after update to 7.2.0
Hi, After upgrading ELA to latest update(7.01 to 7.2.0) from time to time(once for a week) ELA stops collecting logs, all hosts have “connection problem” status. I've got email notification ("ManageEngine EventLog Analyzer Server eventlog ... is down from...") after restarting ELA services everything goes back to normal. Regards,
EventLog Analyser support for IBM N3300
Hi We have moved from a Windows based File Server to a NAS ( IBM N3300) as a filer for a File Server .We are not able to add the same in Event Log Analyzer ( Build 7001) to pull any kind of logs from this device. We are interested in Object changes, Deletion, updates, audit changes on the filer. How do we go about it thanks Vadiraj
Syslog server and ELA Free Edition
Hello, Does the 5 hosts limit of the free version apply to syslog messages received through UDP ? Best Regards, Didier
Reporting Object Access on a Particular Folder on a Host
Hello, I was wondering if it is possible to use Event Log Analyzer to report on events on a particular folder on a server. For example, D:\Test Folder. I have set up auditing on the folder within Windows, but would like a way to report all user activity on just one particular folder. Hope someone is able to help. Thanks
ManageEngine EventLog Analyzer 5.0 is not running.
Dear Sir; when i run [ /etc/init.d/eventloganalyzer start ] the server is running for 5 seconds and it is stopping again automatically. And gives me [ManageEngine EventLog Analyzer 5.0 is not running.] error message. how to solve this problem? Best Regards..
Erreur sur des rapports
bonjour, sur eventlog analyzer, je n'arrive pas à accéder aux rapports, une erreur s'affiche: unsupported chart type stackedHorizontalBar3D je n'arrive pas non plus à créer un rapport, une page vierge s'affiche. merci pour votre aide. Message : unsupported chart type stackedHorizontalBar3D Stack Trace : Stack Trace is not available. Message : unsupported chart type stackedHorizontalBar3D Stack Trace : Stack Trace is not available. Message : unsupported chart type stackedHorizontalBar3D Stack
Can't search after load archive ???
I'm using EventLog ver 6.0, and I change database to use MS SQL Server R2. Some settings: - Enable Archiving - File creation Interval: 12 Hrs - Zip Creation Interval: 12 Hrs - Encrypt Archive Data: Disable - Archive Timestamping: Diable When I load any archived file, it's successfully but when I click load, one windows appears without anything, any information. The windows is empty. So how I can search old data ? Please help me fix it as soon as posible because my system will be audited
Size of indexes/cold and hot
Dear Sir, The folders under <ELA Folder>\server\default\indexes used up all my disk space. I checked on the forum that they are raw logs and working with the DB. However, i am using the MSSQL as my DB. Would like to check whether i still need it? Regards, Vince
SysEvtCol.exe Error.
Hi, I am getting below error. ManageEngine_EventLogAnalyzer is installed on windows 2003 SP2. SysEvtCol.exe encountered a problem and needed to close. All host gets disconnected and once we restart it gets connect for some time. Can you help me on this. Regards, Manish
Customize User Based Report
Hi all, I did a standard User Based Report selecting all servers, users and EventIDs I was interested in. Then I have scheduled this report, but the zip file is too large (more than 50 MB), and I can't send it by mail. I'd like to exclude the Message column from the details of the report to reduce it. Is this possible? How can I do it? Thanks in advance, Sutot
Separate databases with any group ?
First, sorry about my English is not good. Example, I have 3 groups: - Domain Controller: 3 servers - File Servers: 3 servers - Backup: 2 servers And I want to save log in: - Group "Domain Controller": 3 years - Group "File Servers": 2 years - Group "Backup": 1 year. How can I do it ? Thank so much !!!
Alert Problem on Linux/Unix/Solaris Clients
Hi All, Recently I can configure to send out email alerts from Windows Clients but not Linux/Unix/Solaris Clients. Could anyone please give me some hints on the configuration issues? Thanks very much in advance. Regards, Operator
64 bit Java Tuning
I'm performing a new install of EventLog Analyzer 7.2 on Windows 2008 R2 64 bit. The system has 8 GB of RAM. Looking at the tuning guide, it indicates I should change the wrapper.conf entries for "wrapper.java.initmemory=128" and "wrapper.java.maxmemory=512" to 512 and 1024 respectively. However, in looking at my wrapper.conf file these entries are different than shown in the tuning guide. My wrapper.conf file has values of 256 and 1024 respectively with no changes. Are there different Java
EventLog Analyzer Free Edition on MSSQL
I installed EventLog Analyzer and after installing switched the database to MSSQL as we already have that installed and I don't see the point to running MySQL and MSSQL if I don't have to. I was a bit surprised when I logged into the program and saw an error box which said "Your current license doesn't allow use of MSSQL database. Please use MySQL as database." Is this a mistake? According to your FAQ there is no difference between the free and professional edition with respect to features or functionality.
Unclean shutdown of previous run
When try to start Eventlog Analyzer 7.0 I receive Unclean shutdown of previous run Failed to start. Running on Server 2008 r2 64bit.
Huge size of indexes folder
Hi, Recently I’ve noticed that free space on my disk is shrinking, and size of folder indexes in ManageEngine\EventLog\server\default\indexes\ is now over 40GB. Can I manually delete those indexes ? Regards
ELA & Oracle
Hi, I'm trying to add Oracle host to be monitored in EventLogAnalyzer. I followed the configuration guide where I added Oracle host in ELA configuration and modified my Oracle to write logs to audit.log file. I examined the audit.log and its capturing events from Oracle but ELA is not showing those captured events at all !!! I modified my syslog.conf to to send *.warning @myELAserver .. and I'm getting normal syslog messages but still no oracle events in the application :( Also, I tried importing
MySQL vulnerability CVE-2012-2122
Is EventLog Analyzer build 7000 susceptible to this vulnerability? We have it running on OpenSuse 11.3 (yes, we will be upgrading the OS soon). http://www.computerworld.com/s/article/9227965/MySQL_vulnerability_allows_attackers_to_bypass_password_verification
Automatically Save Reports (Rather then Email)
We are running Eventlog Analyzer version 7 and I was wondering if there is a way to have the daily reports saved to a storage location on a server rather then have them emailed out daily? It would cut down in our time since we just save them from the email anyway and would like to have this automated. Could anyone recommend a way to do this?
Problem with MySQL Database
Dear Support, Good morning, The company acquired a Orizon version of EventLog Analyzer Professional with 300 hosts. We conducted a default installation of the product, with the MySQL Database. What is the maximum size of the Base in Gigabytes database support? Can I change to the Microsoft SQL? You have the procedure to accomplish this change? Thank you,
Exporting to csv does not give full log ?
Hi, i am trying to export a log to csv file for review, the log contains approx 431K lines of debug. When i try to export this to a csv it only show 20k lines of log. How can i get the full log exported, either to csv or even a raw format. Anyone with an answer quickly would be appropriately as i have 3rd party waiting to check logs. Cheers, RH
ELA and DHCP
Hi, i have a question regarding ELA and DHCP. I ave some clients that connects to the lan in dhcp; i've added theme to ELA, but it cannot collect the logs, since its IP keep changing, and ELA isn't updating it. Why isn't ELA simple asking via dns for the updated IP, if the one that has configured doesn't respond? There is any way to achieve this? Regards, Mauro
EventLog Analyzer WMI events polling compatibility with Symantec Endpoint Protection 12.1 RU1 MP1
Recently i've been testing new SEP version (we were using 11 version) and after installing just Antivirus-Antispyware setup onto Windows 2003 server with ELA on it, all servers became disconnected in ELA (Orange status). After uninstalling SEP the issue disappeared. Also after loggin into that server i once saw a SEP warning message about some risk detected, but Risk log was empty. In Symante forums they ask for the logs and can't say whether new SEP version can block WMI queries (outgoing). So far
Startup error
I'm running the latest version of EventLog Analyzer (7.2.2 build 7022). When I start the program, I get a windows error stating: "The procedure entry point sqlite3_prepare_v2 could not be located in the dynamic link library sqlite3.dll." The program was working fine until recently. Not sure what happened. I uninstalled and reinstalled, yet get the same error.
Next Page
