Enabling historic log collection in EventLog Analyzer
EventLog Analyzer collects all the logs present in the Windows Event Viewer (i.e., Windows Logs > Application, Security, System) when the historic log collection option is enabled.
To enable historic log collection, follow the steps below:
- Navigate to Settings > Admin Settings > Product Settings > Enable Historic Log Collection.
- If EventLog Analyzer is down for a few days, the application collects all the logs from the Event Viewer when the server is restored, provided historic log collection is enabled.
- For agent-based log collection, the agent will collect all the logs available in the Event Viewer after the server is back online by default.
- Navigate to Settings > Configuration > Manage Devices > Add Devices. Select the device, click the icon on the right to enable historic log collection, and click Add.
Note: When you add a device to EventLog Analyzer for the first time and enable historic log collection, EventLog Analyzer collects all the logs available in the Event Viewer for the device.
New to ADSelfService Plus?
Related Articles
Introduction to EventLog Analyzer
What is log management? An enterprise network consists of different entities—perimeter devices, workstations, servers, applications, and more. Each entity records every activity that unfolds within it in the form of logs. These logs hold information ...How to deploy EventLog Analyzer as a service?
EventLog Analyzer as a service can be deployed in two ways: Via the command prompt: Establish a remote connection with the server where EventLog Analyzer is installed. Open the command prompt with Admin privileges. Navigate to ...What are the steps for EventLog Analyzer instance migration from one server to another?
Stop EventLog Analyzer service (Start --> Run --> type services.msc ---> Stop "ManageEngine EventLog Analyzer"). Open the command prompt and navigate to <Installation Folder>EventLog Analyzer\bin and execute the below commands: Shutdown.bat, ...How to backup and restore an EventLog Analyzer instance?
Backup Process: IMPORTANT: A backup of EventLog Analyzer should not be taken when the instance is running. Stop the ManageEngine EventLog Analyzer service. Open a command prompt with admin privileges. Navigate to <dir>:\ManageEngine\EventLog ...What to do if the EventLog Analyzer failed to update the IP's geolocation data due to network issue?
This occurs when there is no internet connection on the EventLog Analyzer server or if the creator server is unreachable. Domains/sites to be whitelisted: https://creator.zoho.com https://creatorexport.zoho.com The geolocation feature is used by ...