Enabling historic log collection | Online help - EventLog Analyzer

Enabling historic log collection in EventLog Analyzer

EventLog Analyzer collects all the logs present in the Windows Event Viewer (i.e., Windows Logs > Application, Security, System) when the historic log collection option is enabled.

To enable historic log collection, follow the steps below: 
  1. Navigate to Settings > Admin Settings > Product Settings > Enable Historic Log Collection.
    1. If EventLog Analyzer is down for a few days, the application collects all the logs from the Event Viewer when the server is restored, provided historic log collection is enabled.
    2. For agent-based log collection, the agent by default collects all the logs available in the Event Viewer once the server is back online.
  2. Navigate to Settings > Configuration > Manage Devices > Add Devices. Select the device, click the icon on the right to enable historic log collection, and click Add.


Note: When you add a device to EventLog Analyzer for the first time and enable historic log collection, EventLog Analyzer collects all the logs available in the Event Viewer for the device.
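
Because historic collection pulls everything currently held in the Application, Security, and System logs, it helps to size that backlog on the device before enabling the option. The following PowerShell is an added example, not part of the EventLog Analyzer documentation or product; it assumes it is run locally on the Windows device in an elevated session, since reading the Security log requires it.

```powershell
# Added example: estimate what historic log collection would ingest from the
# three Windows Logs channels named on this page.
$channels = 'Application', 'Security', 'System'

$report = foreach ($name in $channels) {
    try {
        # Channel metadata: record count, file size on disk, retention mode.
        $log = Get-WinEvent -ListLog $name -ErrorAction Stop

        $oldest = $null
        $newest = $null
        if ($log.RecordCount -gt 0) {
            # -Oldest returns events in ascending order, so the first is the oldest.
            $oldest = (Get-WinEvent -LogName $name -MaxEvents 1 -Oldest -ErrorAction Stop).TimeCreated
            # Default order is newest first.
            $newest = (Get-WinEvent -LogName $name -MaxEvents 1 -ErrorAction Stop).TimeCreated
        }

        $span = $null
        if ($oldest -and $newest) {
            $span = [math]::Round(($newest - $oldest).TotalDays, 1)
        }

        [pscustomobject]@{
            Log       = $name
            Records   = $log.RecordCount
            SizeMB    = [math]::Round($log.FileSize / 1MB, 1)
            MaxSizeMB = [math]::Round($log.MaximumSizeInBytes / 1MB, 1)
            Mode      = $log.LogMode      # Circular, Retain, or AutoBackup
            Oldest    = $oldest
            Newest    = $newest
            SpanDays  = $span
            Error     = $null
        }
    }
    catch {
        # Typically access denied on Security when the session is not elevated.
        [pscustomobject]@{
            Log = $name; Records = $null; SizeMB = $null; MaxSizeMB = $null
            Mode = $null; Oldest = $null; Newest = $null; SpanDays = $null
            Error = $_.Exception.Message
        }
    }
}

$report | Format-Table -AutoSize
```

A `Circular` log whose `SizeMB` is at `MaxSizeMB` has already overwritten older events, so `Oldest` marks the earliest event that historic collection can still retrieve from that device.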

