Overview
This document explains why compliance reports in ManageEngine EventLog Analyzer may display no data and how to resolve the issue. Compliance reports cover regulatory standards such as PCI-DSS, HIPAA, ISO 27001, FISMA, GLBA, SOX, and others. When no events populate these reports, it may indicate gaps in log collection, parsing, or configuration.
Possible causes
- Log collection issues with the specific log types (e.g., security, application, or system logs from Windows/Linux devices)
- Improper or missing device configuration in EventLog Analyzer
- Logs collected but not parsed or categorized for reports/compliance mapping
- Disabled or misconfigured compliance report modules
- Resource usage on the server where EventLog Analyzer is installed may have consistently spiked, hindering further processing of logs
Prerequisites
Before proceeding with troubleshooting, ensure:
- Devices sending logs are reachable and integrated with valid credentials: Domain and Accounts
- Adequate disk space and resources are available for processing: System Requirements
- Relevant log sources are actively monitored and their log collection has been reviewed
- The configurations set for the respective compliance standards are as per the following guide: Compliance Reports
Resolution
Step 1: Verify Log Collection
- Navigate to Settings > Devices and check the log flow status. We can enable the Last message time column for both Windows and Syslog devices to review log collection.
- For Windows: Confirm that Security logs are being collected.
- For Linux: Ensure audit logs or syslogs are captured appropriately.
We can review the collected logs through the Search tab to understand the log types, key information, and event IDs within the log messages.
Step 2: Check compliance configuration
- Go to the Compliance tab > [Select Regulation] > click Edit, and ensure the target devices are mapped to the selected compliance module.
- Please note that the corresponding log sources must be available in EventLog Analyzer for the respective category report data to be generated.
For example, to review Cloud Sources reports under the PCI-DSS compliance standard, the relevant source must be configured appropriately in the application.
Step 3: System performance
- Please be informed that log management solutions are resource-intensive, and selecting the right hardware plays a major role in ensuring optimal performance.
- Improper allocation of system resources results in the formation of cached records (unprocessed logs).
- Based on your log flow, please allocate your server as per the following recommendations: System Requirements
Tips
If the issue persists after following the above steps, you can contact the ManageEngine EventLog Analyzer Support Team with the following details:
- Product version and build number
- Screenshot or export of the empty compliance report
- List of affected device IPs and compliance standards in use
- Latest product logs:
<dir>: ManageEngine\EventLog Analyzer\logs