"Early Access" To Build 4030 Available
Users who are interested in trying out the "Early Access" build of the soon to be released 4030 Build of EventLog Analyzer, can contact support@eventloganalyzer.com Listed below are the feature enhancements, bug fixes and limitations of the upcoming build 4030: New Features and Enhancements: 1. Support for collecting logs from customized event types. 2. Reports for PCI Compliance Audits. 3. Support for SNARE, syslog input from windows hosts identified as Windows and not as Unix.
Some functionality I cannot find or is not there
Hello, I have 2 questions regarding the reports and schedules of the reports: 1: When I have put in a schedule for a certain report it comes out fine, however when I want to change the properties of the schedule entry I cannot find where to do this, I have to make another schedule just for 1 minor change (for instance the time at which the schedule should run). Is this normal or is it possible to modify schedules? 2: The reports come out in the form of a .pdf document which is fine by me, however I
Archive Database
Is there a way to archive the database entries and then purge the database on a weekly or monthly basis to prevent the database from growing too large?
ManageEngine EventLog Analyzer SP 3 (Build 4030) Released!
We are happy to announce the availability of ManageEngine EventLog Analyzer Service Pack 3 (Build 4030). To get the complete build (4030) follow the below URL. http://manageengine.adventnet.com/products/eventlog/download.html Customers using earlier builds of EventLog Analyzer, please download the Service Pack 3 from the below URL. Please follow the instructions before applying the service pack. http://manageengine.adventnet.com/products/eventlog/service-packs.html You can access the online user
Change Databases
Is it possible to point EventLog Analyzer to a SQL database instead of MySQL?
Purging out set of log entries
Hi there, One day last week, I had an errant process which created 300,000 log entries... I fixed the problem, but it is skewing my data so that my daily historical trend looks like Mondays (the day it happened once!) are really bad days! Is there a way I can select a subset of log entries for a specific server and time range to blow away? I expect I can do this via the Database Console if I know the right table(s) to deal with. Thanks CHris
Custom Reports
I was wondering if it were possible to create a report based on alerts that are generated? Thanks
CPU Usage 100% on process Winmgmt.exe
Every time EventLog Analyzer gets new data, the process Winmgmt.exe (WMI) goes to 100% CPU usage on each server for 30 seconds to 10 minutes. The user doesn't have Administrator rights, only Auditor rights (http://www.windowsecurity.com/eventlogscan/admrights.htm). Do you know this problem? Thx&Bye Guido
Looking to use software to centralize logs and events
Our network has 9 servers. I am wondering if anyone out there has used software to centralize logs and events for Windows and other in-house applications. Any feedback would be appreciated. Thanks, Jimmy
Customize Alert Messages
Can I customize the Alert Messages with a specific subject? Currently the subject is a default "Alert from EventLog Analyzer". It would help us to identify from all these messages we get.
Database Clean-Up
Is there a simple way I can clean up my database? Remove entries prior to a certain date. My database is already 60GB and it takes a long time for the database/service to start. Also often the server stops collecting logs. I want to shrink the database and decrease the log retention size from 14 days to something smaller for now.
Eventlog Analyzer- U.S Daylight Savings Time patch
Hi, Greetings, Good Day! Please find below the steps to configure Eventlog Analyzer for the new Daylight Savings Time settings. 1. First, the OS needs to be updated. You can get more information from the following; a) For Microsoft products, please refer "support.microsoft.com/default.aspx?kbid=928388". b) For Redhat, refer "kbase.redhat.com/faq/FAQ_80_7909.shtm". 2. Download the "tzupdater.jar" from the link java.sun.com/javase/downloads/index.jsp and click on the 'download' button against JDK US
I don't see the events
Hi. The connectivity to the monitored server is OK, the server is running and status is OK, but I don't see the events. I am logged on as the admin. When I see the last 10 events, then it is OK, but there is nothing in the dashboard. Please see the picture. Thanks, Roman
I don't see the events
The connectivity to the monitored server is OK, the server is running and status is OK, but I don't see the events. I am logged on as the admin. When I see the last 10 events, then it is OK, but there is nothing in the dashboard. Please see the picture.
Reports using specific Event ID
I have a list of Event ID's that I wish to have reports generated for and emailed to me on a daily basis. Something is wrong and not working properly. I click to create a new report. I type a report name and click: Custom Report with Event Filters I click the server group I wish to create the report for and click next... I then select the options and enter the event ID i wish the report to be generated for (SEE ATTACHED SCREENSHOT). At the next screen i configure the report to run daily at 12:00
No Alerts Trend Reports
Hello I have several alerts but there are no Alerts Trend Reports generated. Not sure if it is a bug or if I'm missing something Thanks and best regards Saverio
EventLog Analyzer startup issue
Hi, I am evaluating EventLog Analyzer. While starting the server I am getting "Trying to strt MySQL sever Failed", but I checked the DB port 33335 and it is listening. Please suggest how to proceed. Note: I am running on SUSE Linux 9.3.
when the new release?
Hello, Do you know when the new release should be ready? Thanks and best regards Saverio
Bind Eventlog Analyzer to listen on specific IP and port
I want to be able to bind the eventlog service on the server to listen to a specific IP on port 514, instead of all IP's on the server. (ie. 1.100.100.50:514) instead of current (0.0.0.0:514). Thanks.
EventLog Analyzer and DST Change
Are there any patches for the application? The times are off one hour. My host system has the correct time. I know the underlying Java has to be upgraded on some other applications I have dealt with.
"ASK ME" different questions produce return same r
Hello There is a bug in the "ASK ME" questions for the "What are the top events that triggered alerts?" It returns the wrong report, it returns the same report of the "For which machine/group are most alerts being generated?" I guess it is the same bug of the no trends reports for alerts Best regards
User logons report
Hi guys, awesome product, I just came across it today and have installed the free version to test things out. I have a question regarding the emailing of reports. I read that only PDF reports can be mailed out periodically. How come no CSV or HTML reports? Is this going to be changed anytime soon? Also, when looking at the PDF report for User logons, I have a report file which is over 100 pages long, and basically has one record per page. A screenshot is attached. Is this something that I am doing
No entries under Important Events
Hello, I'm evaluating the Eventloganalyzer under Linux. I have produced some logon and logoff messages. I can see all the successful logons and unsuccessful logons and also the successful logoffs under all events in Eventloganalyzer. However, under Important Events I can only see the successful logoffs but not the logon events (successful and unsuccessful). What is wrong? Thank you.
Can't connect to some W2K Servers
Hi all, while configuring the Eventlog Manager I have some problems to connect to two of our W2K servers. In the 'Add Host details' I chose Windows OS, type in the hostname and our domainname and the domain administrator as user. If I verify the login, the status is 'Failed'. Though I had no problems on the other W2K Servers, on these two of them it doesn't work. All the servers are in the same network. What can I do to solve the problem?
Eventlog authentication activity for each remote host
Can someone describe for me the login and authentication activity associated with the Eventlog software? Reports visualize login and authentication activity under the "service" account name used for polling (if your configuration is for the default 10 minute polling, then it will authenticate once every 10 minutes)...got that one. However there are activities that reflect what seems to be the PPID owners name or the name of the account for which the software is loaded and executed. In other words,
Eventlog Server (Linux) and Windows clients
Hello I'm currently evaluating the eventloganalyzer under Linux and would like to get log data from a windows host. What do you recommend to get that working; I can not see in the eventloganalyzer how to add a windows host. Thank you for your support.
EDIT/View custom reports....
I can create an alert, then later return to the alert to tune or view the alert settings. However, I am unable to find a way to view the settings for individual reports. It would be much easier to modify small settings within a report than to re-create the report from memory and try to implement the changes. Am I missing something in the interface or is there not a way to view/edit report parameters
capability to email compliance reports ?..
I need the capability to email compliance reports or pieces thereof to an account such that they can be reviewed. I know I can create alerts and user reports for each specific event i want to have sent to the processing account, but the manage engine box i'm using is already incredibly taxed due to the massive amount of data that is being processed. Is there a way I can simply have the compliance reports emailed out? Generally, i'm interested in the locked accounts, failed logins, changes to group
Eventlog Analyzer 4 (build 4020) problem
I setup the eventlog Analyzer 4 yesterday to evaluate the software. I setup couple devices including cisco switch, Foundry switch, Alteon load balancer and Netscreen firewall. The syslog seems to be ok on netscreen firewall only because I got lots of message off the device. When I test on Alteon load balancer, it generate the syslog (I proof it by running the sniffer on Eventlog server), it arrives the system running Eventlog analyzer 4 but it doesn't appear in the log under the device. Is it a bug
Syslog messages truncated
Hello, Is it normal for Syslog messages to be truncated? I thought at first the problem was on the Syslog device itself, however after viewing the raw log files located under C:\AdventNet\ME\EventLog\archive the syslog messages look good. When viewing the same log from within EventLog Analyzer, anything under the Message column seems to be cut off after 250 characters or so. How can we fix this display issue? Thanks
Regarding dashboard & Reports
hi, in the dashboard, the messages are classified as "error" "warning" "failure" and "others". can u explain the basis on which this is classified. in unix (AIX) login failures get reported as auth.info, so these go into others and they never come up in the compliance reports of login failures. can u plz explain how do i get these to appear in the reports. have some more questions. will post them later, but would be nice if u cud help me with this. cheers yash
NT 4 login
Hi, I am running EventLog Analyzer 4020. It is impossible to connect to the NT 4 domain controller; the error message is: class not registered. What can I do? Thanks FL
EventLog Analyzer and DST change
Hi, Will Build 4020 of ELA be impacted by the DST change in North America? Thanks, Brad H. bheth@uvic.ca
location of database files during install
i am preparing to install our production licensed version of analyzer and would like to have the database files located on a network SAN drive. what is the easy way to do that during the installation process?
slow response for dynamically generated reports
I have a domain controller generating a very large number of events on a daily basis, well over 1 million. Events are collected by the manage engine server without any issues. However, when i click on the specific event types to view detailed information, it takes a long time to generate the graphical report page. For example, clicking the "unsuccessful user logos" tag has been churning for the past 12 minutes and it's still going. The manage engine server is running on a Dual Xeon machine with 4gb
Eventlog with Juniper Firewall
Hi everybody, I'm evaluating Eventlog Analyzer 4. With Windows-based servers there is no problem, it works fine. I'm trying to get syslog from my Juniper firewall. I've configured my Juniper to send syslog to the IP address of the Eventlog Analyzer server but it doesn't send logs. I have tested syslog from the Juniper appliance with another syslog server and it works fine. Anyone have an idea? Thanks for your help, Fil
Report is being generated, now for several months.....
Hi, For some time, I have been getting a box on my eventlog windows saying "report is being generated, Please Wait". As I've now been waiting for several months, I guess something is wrong :-) Any idea? Blaise
bug in the report counter
Hello When I do a search for a string, say "failed" the page returned contains the found matches and so far ok but the counter on the top of the page never changes, it always show the total number of records not the returned records Which it is a bit useless because if I search for something I would like to know how many entries have been found for the specific search. Best regards
EVA and ISA 2004
I am trying to add a server running 2K3 and ISA 2004, but I receive an error that "The RPC server is unavailable". I would like to know what ports or services need to opened to allow me to add this server. I have verified that the account I am using has sufficient privileges as it works on every other server I have added; as well as running through all the scenarios on the help file. Thanks, Jason
Eventlog Analyzer
Dear Sir, i just want to ask you can i install eventlog analyzer software on standalone server to catch logs form two different domains, will it be possible if yes then what setting needs to be done the same server please help me out to configure the same