Objective
EventLog Analyzer offers two types of storage: live logs and archive logs. Live logs are the data visible in the user interface; storing them on a local drive or DAS (Directly Attachable Storage) is recommended. Archive logs are the data kept for backup or long-term storage; they can be stored on a local drive, remote storage, or an S3 bucket.
This article explains how to configure ManageEngine EventLog Analyzer to send logs to an Amazon S3 bucket for log archive, backup, compliance, or long-term retention. This ensures your event log data is securely stored in a scalable cloud storage destination.
Prerequisites
- The EventLog Analyzer build number must be 12460 or higher. Archive storage on an Amazon S3 bucket was released in build 12460.
- Administrator access to EventLog Analyzer.
- An active AWS account with an existing S3 bucket, added in EventLog Analyzer as a cloud account. Refer to Adding Cloud source - AWS.
- Outbound network access from the EventLog Analyzer server to Amazon S3.
Steps to follow
1. Log in to the EventLog Analyzer user interface.
2. Navigate to Settings >> Admin Setting >> Archive. Click Settings in the top-right corner.
3. Select the S3 bucket option from the Archive Zip Location list and enter the archive folder name.
4. Fill in the details listed below.
Select Cloud Account - Choose the cloud account from the configured list. You can also click Configure Cloud Account to switch to the Adding Cloud Sources page.
Buckets - Choose the S3 bucket from those listed for the AWS account selected above.
Storage Type - Choose the Amazon S3 storage type based on your organisation's preference.
S3 Encryption - Select the encryption type offered by the S3 bucket.
Flat File Encryption - Use this option to enable or disable encryption of the archives' flat files to ensure data security.
Loaded Retention Period - Enter the log retention period for the loaded archive files. The default period is 7 days. Once the period ends, the loaded archives are unloaded automatically.
5. Click Save to save the settings.
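Before saving, the bucket chosen in step 4 can be checked against the S3 Encryption setting and basic exposure controls. The script below is an added example, not ManageEngine code: the function names are hypothetical, the checks (default encryption, public access block, versioning) are this example's own choice, and the sample responses are constructed in the shape returned by the AWS CLI `s3api` commands named in the comments.

```python
import json

# Constructed sample responses, shaped like the output of:
#   aws s3api get-bucket-encryption --bucket <archive-bucket>
#   aws s3api get-public-access-block --bucket <archive-bucket>
#   aws s3api get-bucket-versioning --bucket <archive-bucket>
SAMPLE_ENCRYPTION = json.loads("""{"ServerSideEncryptionConfiguration": {"Rules": [
  {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms",
   "KMSMasterKeyID": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE"}}]}}""")
SAMPLE_PUBLIC_ACCESS = json.loads("""{"PublicAccessBlockConfiguration": {
  "BlockPublicAcls": true, "IgnorePublicAcls": true,
  "BlockPublicPolicy": false, "RestrictPublicBuckets": true}}""")
SAMPLE_VERSIONING = json.loads("{}")  # versioning never enabled: empty response

PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")


def default_sse_algorithm(encryption):
    """Return the bucket's default SSE algorithm, or None if no rule is set."""
    config = (encryption or {}).get("ServerSideEncryptionConfiguration", {})
    for rule in config.get("Rules", []):
        algo = rule.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm")
        if algo:
            return algo
    return None


def audit_archive_bucket(encryption, public_access, versioning, expected_sse=None):
    """Hypothetical helper: list findings for a bucket used as a log archive target."""
    findings = []
    algo = default_sse_algorithm(encryption)
    if algo is None:
        findings.append("no default server-side encryption rule")
    elif expected_sse and algo != expected_sse:
        findings.append(f"default encryption is {algo}, expected {expected_sse}")
    pab = (public_access or {}).get("PublicAccessBlockConfiguration", {})
    for flag in PAB_FLAGS:
        if not pab.get(flag, False):  # a missing flag counts as off
            findings.append(f"public access block: {flag} is off")
    if (versioning or {}).get("Status") != "Enabled":
        findings.append("versioning is not enabled")
    return findings


if __name__ == "__main__":
    for finding in audit_archive_bucket(SAMPLE_ENCRYPTION, SAMPLE_PUBLIC_ACCESS,
                                        SAMPLE_VERSIONING, expected_sse="aws:kms"):
        print("FINDING:", finding)
```

Set `expected_sse` to the algorithm that matches the S3 Encryption choice made in step 4 (`AES256` for SSE-S3, `aws:kms` for SSE-KMS).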
Tips
1. You can store upcoming logs in the S3 bucket. You cannot migrate existing data to the Amazon S3 bucket. If you would like to migrate existing data to an S3 bucket, click here to raise your requirement with the following details so that we can assist you.
Details required to validate S3 bucket migration:
- Number of archive files available and total size of the archives to be migrated.
- Build number of EventLog Analyzer.
- Database type - MSSQL or PGSQL (built-in) or PGSQL (external).
2. You can either modify the predefined Default archive policy or create a new archive policy for the required log sources to store the archive in the S3 bucket.
3. Configure the AWS account without CloudTrail if you do not want to audit AWS in EventLog Analyzer.