EventLog Analyzer on Debian!
Hi all,
Recently I wanted to install EventLog Analyzer on a Debian VM. I tried many times but was not successful.
1) I downloaded the .bin file from the source and ran it in console mode: ./filename.bin -console. Then I ran ./run.sh in my installation path and opened the interface on 8400.
Then I configured rsyslog on my Ubuntu machine to send syslog to the EventLog Analyzer server in this format: *.* @IP
and configured rsyslog on the Debian server to x mode.
But there aren't any received packets in EventLog Analyzer. But when I take a tcpdump or configure rsyslog on port 514 UDP, I can see received packets.
So I decided to run runSEC.sh and configure it. It gives an error and needs some library, and I can't do it.
2) In another VM I downloaded and installed EventLog Analyzer, but couldn't start it. ./run.sh --> EAService not load
I searched more and more, but I couldn't find useful information. I don't know:
What is EAService, and where is it?
What services are required to be installed and started before EventLog Analyzer? (On Windows I can find some things, but on Debian or Ubuntu there isn't anything.)
The manual documentation is not updated to this version and doesn't have good troubleshooting.
Could you give me help?
Thanks