Not getting any info from linux system
I have tried to configure a Linux host running on Debian 3.1 stable without success. I first tried changing parameters in the file /etc/syslog.conf and restarted the daemon:

    # CONFIGURATION LINUX OPENMANAGE
    *.* @192.168.1.61

This wasn't working, so:

    # CONFIGURATION UNIX HP&CIE
    *.emerg;*.alert;*.crit;*.err;*.warning;*.notice;*.info;*.debug @192.168.1.61

Not working again... So I moved to syslog-ng:

    apt-get install syslog-ng

(I had debugged the script file because of an error relating to kernel (/etc/init.d/syslog-ng)
Windows hosts send syslog to EventLogAnalyzer
Hello, would it be possible to send from a Windows host (with a syslog production program) a produced syslog to the EventLogAnalyzer, instead of logging on from the EventLogAnalyzer to a Windows host? For security reasons we would like to do such log file distribution. Thanks for your feedback.
Eventlog Analyzer Alerts and Severities
Hi, I have searched but not found on the forum. We are monitoring cisco routers with Eventlog Analyzer and would like to be alerted on ALL severities. Now it seems that we can only define an alert profile with one severity per profile. Is there a way to define a profile for all severities (so in fact for all syslog messages)? Thank you for a great product.
New Service Install Alert
Finally got approval from leadership to begin testing with Event Log Analyzer. Most impressive! Very happy with the automated reports and generation features. Is there a way to have an alert based on installation of a new service? In my looking through the various menus and options, I didn't see it. Such a feature would be excellent.
SYSLOG listener dies
Hi, I've been evaluating your product, and every 1-2 days the syslog service just stops collecting syslog requests, any help you can give would be appreciated.
Can I run this Eventlog Analyzer on CentOS?
After installing on a CentOS machine, I can't access http://localhost:8400. I think it does not support CentOS? Please help on this.
Customize Summary Report
Is there a tool to customize event reports? We wanted to generate a report showing only the errors occurred from each server everyday.
Unable to view Application and System Logs
The only logs that the Event Analyzer collects are the Security logs. I have attached to three other Windows 2003 machines and each one has the same problem. Ideas?
Customize Report
Is there a tool to customize events report? We wanted to generate a report showing the number of errors occurred from each server everyday. Thanks in advance.
is there any requirement for Internet Explorer or client PC?
Hi, I am evaluating Eventlog Analyzer. I met a strange problem that I could logon from some client PCs but could not logon from other PCs. There is not any error message displayed when I navigate to http://ip-address:8400 Please help! Thank you!
unload archive
Hello I know how to load an archived file but how do I unload it after I do not need it anymore? Thanks and best regards
RSA Conference 2007 - Free Expo Pass Available
We are happy to inform you that we are taking part in the upcoming RSA Conference 2007, to be held between Feb 5-9, Moscone Center, San Francisco. Visit us at Booth #2147. Existing customers, please get in touch with support@eventloganalyzer.com before Feb 2nd, to get hold of a Free Pass for the Expo to be held between Feb 6-8. See you at the show!
Custom report for After Hours
Hi We currently have RSA security which generates an IAS event when someone logs in through the system. For audit purposes we need to provide a report to show all logon events through this system after hours. I can successfully create a custom report and selecting the particular eventID to show this information but is there a way to customize for only showing events after hours? cheers Dave
Database mssql
Is there a way to install this on one server so that the data is written to SQL Database rather than stand alone MSSQL databases so that I can have 10 users all logging into this and it using our main SQL database as the back end?
Rights to collect logs from Windows hosts
Is there any way to assign the needed rights for EventLog Analyzer to collect the event logs from Windows hosts, other than granting it admin privileges?
DBase Filter: No save button
Hello, I am testing some functionality of the ELA before taking a purchase into consideration (which we most likely do). However the following problem occurs: While trying to implement a DBase filter on the second page there should be a button "Save" to save the configured filter properties, however all I can detect is a button "Finish" and "Cancel" but no "Save" as stated in the help-file. The filter does not save when "Finish" is pressed, I get rerouted to the 1st screen (where all filters should
Syslog from Separate Subnet
Good Day, I have 2 remote devices and a server on a separate subnet that I would like syslog messages to come from. I know I can send syslogs to the server but they do not seem to be received (a device is created but no logs) Is there something I am missing, or can logs be sent from other subnets? Thanks!
Error after login
I've installed Eventlog Analyzer on a Windows 2003 server. Installation worked fine, but when I try to log in I get some kind of Java-error. Error-text is in the attached file
event log changes the characters 2 and a to %
I have event log running on linux and we are evaluating it here. The archive logs look OK but in the viewer with box firefox 2, and IE 6 The following occurs. Local4 Local4 Critical Jan 09 %007 14:%9:%9: %PIX-%-106001: Inbound TCP connection denied from 10.37.85.%50/%741 to 10.66.%06.81/%967 flags SYN on interface Inside 08:29:41 Jan 09 2007
Report to log accesses to a SHARE
Is there a way to get a report that shows succ/unsucc logon events to a particular SHARED RESOURCE on a particular host? Thanks, J
Initial Configuration Questions
Several questions concerning configuration: 1) Under the Recommended System Setup: Run EventLog Analyzer on a separate, dedicated PC or server. The software is resource intensive, and a busy processor may cause problems in collecting event logs. My questions are: Where would I find the setup procedures for a split configuration? Is there a requirement for both the "collector" and the analyzer to have the same OS? The configuration I am considering is: COLLECTOR: SUN Sparc configuration running Solaris
SA 2000
Hello everyone, does anyone know if Eventlog Analyzer works with SA 2000 (Juniper)? If so, how can I set it up? Thanks very much for your help. Greetings, Duncan
Clear Event Logs?
Is it possible to have Event Log Analyzer aggregate logs and then erase the messages from the event log? David.
unix users login/logout reports
Hello, I'm using Eventlog Analyzer mostly for Solaris systems, even if people are logging in and out of the boxes and this is recorded and sent to Eventlog Analyzer the default reports are blank (top users per login etc) All the logs are in Eventlog Analyzer but it does not see them for the reports. It works perfectly for windows systems. Any idea why? Thanks and best regards
Event logs
If someone (another domain administrator) cleared the event logs, how can those event logs be recovered (which tools) without shutting down the machine?
Compliance reports for LINUX/UNIX
Hello. We are currently evaluating EventLog Analyzer. We have mainly LINUX systems and of course would like to produce compliance reports for these systems. As far as I can see this feature is not available at the moment. Questions: - In which time frame can we expect such a feature? - If we buy the product now without this feature and collect the data from the LINUX hosts; would it then in the future be possible to produce compliance reports for LINUX hosts based on "old" data? Thank you.
Syslog - EventLog Analyzer
I have a Sonicwall firewall that sends to a Kiwi syslogd and to ELA. The Kiwi syslogd is logging about 100X more entries than the ELA. Is there something that I am missing in the ELA configuration?
EventLog stops receiving messages
Each server shows up with a status of "unable to reach server" mustard color icon. I restart the service and the icon is back on green... what is causing this server to lose connectivity to all servers?
Cisco devices syslog support & reports
Dear All, Recently in our latest build 4020, we have added support for Cisco Router Syslogs as we got more user requests. To proceed further, we would like to get more feedback from the Cisco device administrators/users regarding the following. * Additional formats/devices to be supported. Currently we support Cisco Routers. * Additional Reports to be added. Currently we support configuration changes, Access List Violation, Link Changes, Login/Logout etc. * Any enhancements in the Alert/Filter configuration
Audit of Logon/Logoff in System log but not in Eventloganaly
Hi, Have set for example auditing for system Logon/Logoff on a Windows XP system. These events are in the system log on the system and show if it was successful or not. But, I can not see these events in the eventloganalyzer under important events. Thank you. Björn
Events not shown in Eventloganalyzer
Hi, During the evaluation of the product ELA I found the following: 1. On a Windows XP system I have enabled auditing (success/failure) for different conditions. These events I can see in the system event viewer but not in the ELA (important events nor in a reports). 2. I also did on a UNIX/LINUX system some Logoff and Logons (successful and unsuccessful ones). In the list of important events I can only see the successful user logoffs but not the successful logons or the unsuccessful logons. Also
Eventloganalyzer and Windows Firewall
Hi, I'm actually evaluating the eventloganalyzer program. Could anyone please tell me how to configure the windows firewall (exceptions) to allow the eventloganalyzer to scan remote windows XP systems. Thanks.
Bypass Authentication
Hi, Is there any way to remove or bypass the authentication screen? We need this for our own monitoring purposes. Kind regards, Rolf
Not collecting Syslog from 1 host
Good Day, I have 1 host that Eventlog Analyzer is not collecting the data on. If I use Kiwi it receives it so I know that it is sending. What could be the problem? Thanks.
Comparison Matrix
Please send to me a comparison matrix so I can evaluate your product versus similar products in the market. Matthew
Reports in EventLogAnalyzer
Although the graph and summary pages of my reports appear to be correct the reports never exceed 12 pages in length. I'd like to change this if possible. I am also a bit disappointed that there are no compliance reports (i.e. SOX, HIPAA) for anything but Windows hosts. Additionally I would like information on changing the cover page for the reports. Please advise.
Filter events from the dashboard diagram
Hi, We are using ELA4 to monitor 79 servers and are looking for an option to filter failed/success log-in attempts from the dashboard on the HOME tab, because the diagram is mostly green/red from all the log-in events. The problem is that we can't use the database filters for this because we do need the info in configured "failed log-in reports". Is there a way to do this or is this a feature you can add? Kind Regards, Rolf
Sonic wall Tz170 Syslog help
I'm currently having my Sonic Wall firewall sending its syslog to EventLog Analyzer. So far all the logs are going to it and I can view them. The problem is the WAN FW address has changed to a new one and EventLog Analyzer keeps showing the old address. The WAN FW address will change every few days since we haven't upgraded to a static IP address from our service provider. The reason I need this log is so I can set up EventLog Analyzer to email the log when the address changes so I can always VPN
1 Cisco rtr being automatically picked up as many devices
Question - anyone else being slammed by the eventlog analyzer automatically picking up one single Cisco Router as multiple servers, based on the internal IP of various interfaces??? i.e. I ADD a Cisco dev, using its local ethernet IP as the host name (so I can tell what it is by its local IP scheme). HOWEVER, after some time passes, several other servers automatically appear in the list of active hosts, with IP hostnames of internal interfaces on routers that were already put in manually. If an
Language management
Hello, It seems the tool is not able to read or at least to display content of event log if it's in Japanese. It displays a blank line in place of Message. Could you please confirm it? Thank you, Loic