Eval-Zone is your one stop evaluation pit stop, which makes your job easy by bringing in all the necessary product resources and forms to seek assistance from our team in one single page.
Get to know more about EventLog Analyzer with these feature specific demos.
EventLog Analyzer supports Amazon Web Services (AWS) EC2 Windows instance logs. You can collect,analyze,search,archive AWS EC2 instance logs in a centralized location with EventLog Analyzer
You can collect MS SQL audit logs at real time. You can get a dozen exclusive canned reports for MS SQL audit logs. You can schedule the reports at regular intervals, export them in PDF format and even redistribute the reports via email.
You can now generate and schedule User based reports for IBM AS/400/iSeries journal logs. The default host report provides you with the important events that includes all the audited logs of IBM AS/400/iSeries machine.
You can also generate reports, trigger alerts and filter journal logs based on audited fields.
Make the Log Search easier and efficient by allowing to search the logs with simple tags
Allows you to set up the alert criteria with custom extracted fields for Oracle, MS SQL, Print Server, IIS and other application logs.
FIM Alerts - You can now trigger alerts and get real time notification for any changes occurring the files and folders.
EventLog Analyzer is a web-based, real-time event log, syslog management solution that collects and reports on logs from distributed servers and workstations and logs from applications, on the enterprise network.
EventLog Analyzer collects event logs from distributed Windows hosts and syslogs from UNIX/Linux hosts, Routers, Switches, other syslog devices and logs from selected applications using an agent-less architecture. Optionally, the application can collect logs using Agent. Events are normalized, aggregated, analyzed and shown as graphs and reports. Real time alerts can be generated for specific events. Analysis of these reports helps in understanding network security, planning for compliance requirements, and also troubleshooting systems quickly and effectively.
GA release of EventLog Analyzer Distributed Edition.
New Features
GA release of EventLog Analyzer Distributed Edition.
New Features:
Enhancements:
UI Enhancements
Bug Fixes:
UI Bug Fixes
Release Impact:
GA release of EventLog Analyzer Distributed Edition.
New Features:
Enhancements:
Bug Fixes:
Release Impact:
GA release of EventLog Analyzer Distributed Edition.
New Features - Managed Server
The general features available in this release include,
The general features available in this release include all the features of EventLog Analyzer Version 7.0 Build 7000 and
Features and Enhancements:
Bug Fixes:
Known Issues:
The general features available in this release include all the features of EventLog Analyzer Version 6.2.0 Build 6020 and
Features:
Bug Fixes:
Known Issues:
The general features available in this release include all the features of EventLog Analyzer Version 6.1.0 Build 6010 and
Features:
Bug Fixes:
GA release of EventLog Analyzer Distributed Edition.
New Features - Admin Server
The general features available in this release include,
New Features - Managed Server
The general features available in this release are,
The general features available in this release include all the features of EventLog Analyzer Version 6.0.0 Build 6002 and
Features:
Bug Fixes:
Known Issues:
The general features available in this release include all the features of EventLog Analyzer Version 6.0.0 Build 6000 and
Major Features:
Features:
Bug Fixes:
GA release of EventLog Analyzer Distributed Edition.
New Features - Admin Server
The general features available in this release include,
New Features - Managed Server
The general features available in this release are,
The general features available in EventLog Analyzer Version 6 are:
Major Features:
Features:
Bug Fixes:
The minimum system requirements for installing and working with EventLog Analyzer are given below.
For 32 Bit Installation
The minimum hardware requirements for EventLog Analyzer to start running are listed below.
For 64 Bit Installation
The minimum hardware requirements for EventLog Analyzer to start running are listed below.
EventLog Analyzer is optimized for 1024x768 monitor resolution and above.
*Hard disk space required, depends on the number of hosts from which event logs are collected, as well as archiving setup.
Installation Requirements
EventLog Analyzer can be installed and run on the following operating systems and versions:
Supported Platforms
EventLog Analyzer can collect and report on event logs from the following operating systems and devices:
Note: For analyzing logs from Windows NT machine, WMI core should have been installed in the Windows NT machine.
Web Browser Requirements
This section explains the key steps for installing the new EventLog Analyzer program. Refer to the User Guide for detailed EventLog Analyzer installation information.
Note: The tray icon option is only available for Windows !
Uninstalling from Windows
Note: If you get an error message stating that the temp directory does not have enough space, try executing this command with the -is:tempdir <directory name> option (where <directory name> is the absolute path of an existing directory)
./ManageEngine_EventLogAnalyzer.bin -is:tempdir <directory name>
Uninstalling from Linux
The following are the default ports used by EventLog Analyzer:
(These ports need not to opened in the Firewall)
Shutting Down from Windows
Shutting down from Linux
The following are the limitations of this release:
The documentation set for this product includes:
The printable PDF version of the User Guide is available at https://www.manageengine.com/products/eventlog/eventloganalyzer-userguide.pdf
Technical Support:
Web site: http://www.eventloganalyzer.com/ | /products/eventlog/
Toll-free: +1 888 720 9500
EventLog Analyzer licenses usually include the right to patches, service packs, and minor upgrades apart from technical support for one (1) year from the date of purchase. After the first year, Maintenance must be renewed on an annual basis.
Enabling Management Your WayTM
ZOHO Corp. provides affordable software in the areas of network applications and database tools. With a broad product portfolio and an active customer base ranging from enterprises, equipment vendors and service providers, ZOHO Corp. has emerged as a very affordable and high-quality alternative to expensive software that is common in the industry. ZOHO Corp. is headquartered in Pleasanton, CA with offices in NJ, MA, India, UK, China and Japan and has a well-trained partner base around the globe.
Visit us at http://www.zohocorp.com/
Copyright © 2013, ZOHO Corp. All rights reserved.
ZOHO Corp., ManageEngine, Enabling Management Your Way are trademarks of ZOHO Corp. All other trademarks are the property of their respective owners.
This License Agreement details the policy for license of ManageEngine® EventLog Analyzer (Licensed Software) on the following topics:
(1) Evaluation License
(2) Commercial License
(3) Technical Support
Please read the following license carefully, before either (i) completing the electronic order or download of the Licensed Software from an authorized website, or (ii) installing the Licensed Software from media that was delivered after being ordered by alternative order process, as applicable. You acknowledge that you have read this License Agreement, have understood it, and agree to be bound by its terms. If you do not agree to the terms and conditions of this Agreement, either (i) exit the web site page without continuing the ordering process, or (ii) return the provided unused media and documentation within thirty (30) days from the date of shipment of the Licensed Software for a full refund of your payment, as applicable.
ZOHO Corp. grants to you a nonexclusive, non-transferable, Evaluation License for trial and evaluation of the Licensed Software for internal business purpose, in binary object code form, for a period of thirty (30) days from the date of download or installation. This License begins upon downloading or installing the Licensed Software and ends thirty (30) days thereafter ("Evaluation Period").
If you are not willing to use the Licensed Software, either the Free Edition or the Professional Edition, after the Evaluation Period, you agree to remove the software from your computer with immediate effect except for any automatically generated back up copies used for no purpose. You are forbidden from using the Licensed Software for any other use or otherwise offering it for resale under the terms of this Section 1. ZOHO Corp. retains all rights not specifically granted to you herein.
(a) Free Edition: Where applicable, if you choose to use the Free Edition beyond the Evaluation Period, the Licensed Software allows you to monitor up to 5 hosts. ZOHO Corp. grants you a non-exclusive, nontransferable, worldwide license to use the Licensed Software for no cost in perpetuity
(b) Paid Subscription License: As part of your choosing subscription license for the Professional or Premium or Distributed Editions of Licensed Software, ZOHO Corp. grants you a fee-bearing, nonexclusive, non-transferable, world-wide license to Use such edition of Licensed Software for internal business purpose including user documentation that you have downloaded from or received on media provided by ZOHO Corp., including all updates, where applicable, during the period of your subscription, provided that such access and Use of the Licensed Software is in accordance with the Single Installation License granted by ZOHO Corp. Details on features and functionalities provided as part of subscription license for the Professional and Premium Editions are available on the website www.zohocorp.com.
Under the Subscription License, the Licensed Software is licensed only for the duration of subscription. If you do not renew the subscription beyond the duration, you agree to stop using the software, and remove the software from your systems.
To continue using the Licensed Software beyond the subscribed duration, you must renew your license at least 10 days before the expiry of the term.
(c) Paid Perpetual License: As part of your choosing perpetual license for the Professional Edition, or Premium Edition, or Distributed Edition, of Licensed Software, ZOHO Corp. grants you a fee-bearing, nonexclusive, non-transferable, perpetual, world-wide license to Use such edition of Licensed Software for internal business purpose including user documentation that you have downloaded from or received on media provided by ZOHO Corp., including all updates, where applicable, provided that such access and Use of the Licensed Software is in accordance with the Single Installation License granted by ZOHO Corp. Details on features and functionalities provided as part of perpetual license for the Professional and Premium Editions are available on the website www.zohocorp.com.
"Use" means storing, locating, installing, executing or displaying the Licensed Software.
"Single Installation License" means that one copy of the Licensed Software shall not be put to more than one concurrent Use.
The Licensed Software may contain software which originated with third party vendors and without limiting the general applicability of the other provisions of this Agreement, you agree that (a) the title to any third party software incorporated in the Licensed Software shall remain with the third party which supplied the same; and (b) you will not distribute any such third party software available with the Licensed Software, unless the license terms of such third party software provide otherwise.
In addition to all other terms and conditions of this Agreement, you shall not:
(i) install one copy of the Licensed Software for more than one concurrent Use;
(ii) remove any copyright, trademark or other proprietary notices from the Licensed Software or its copies;
(iii) make any copies except for one back-up or archival copy, for temporary emergency purpose;
(iv) rent, lease, license, sublicense or distribute the Licensed Software or any portions of it on a standalone basis or as part of your application;
(v) modify or enhance the Licensed Software;
(vi) reverse engineer, decompile or disassemble the Licensed Software;
(vii) allow any third parties to access, use or support the Licensed Software except employees, contractors, consultants or other third parties engaged by you to do any of the foregoing on behalf of or for your benefit;
As part of subscription license, ZOHO Corp. provides support that includes email support for problem reporting, product updates, upgrades and online access to product documentation at no additional cost for the period of subscription. Technical Support is not included as part of perpetual license. You may purchase technical support services for perpetual license by paying the then current maintenance and support fee.
ZOHO collects details pertaining to your usage of the Licensed Software such as the license details, OS details, type of installation, database configured, data storage options configured, total number of devices including the types of the devices, top urls accessed, and frequency of use of the various features of the Licensed Software. ZOHO agrees to furnish the data collected regarding your usage of the Licensed Software upon request by you. You understand and acknowledge that collection of Usage Details is enabled by default and that it needs to be disabled through the Licensed Software's user interface if you do not wish to allow ZOHO to collect Usage Details.
ZOHO Corp. owns all right, title and interest in and to the Licensed Software. ZOHO Corp. expressly reserves all rights not granted to you herein, notwithstanding the right to discontinue or not to release any Licensed Software and to alter prices, features, specifications, capabilities, functions, licensing terms, release dates, general availability or characteristics of the Licensed Software. The Licensed Software is only licensed and not sold to you by ZOHO Corp.
ZOHO Corp. shall have the right to audit your Use of the Licensed Software by providing at least seven (7) days prior written notice of its intention to conduct such an audit at your facilities during normal business hours.
The Licensed Software contains proprietary information of ZOHO Corp. that are protected by the laws of the United States and you hereby agree to take all reasonable efforts to maintain the confidentiality of the Licensed Software. You agree to reasonably communicate the terms and conditions of this Agreement to those persons employed by you who come into contact with or access the Licensed Software, and to use reasonable efforts to ensure their compliance with such terms and conditions, including but not limited to, not knowingly permitting such persons to use any portion of the Licensed Software for a purpose that is not allowed under this Agreement.
ZOHO Corp. does not warrant that the Licensed Software will be error-free. Except as provided herein, the Licensed Software is furnished "as is" without warranty of any kind, including the warranties of merchantability and fitness for a particular purpose and without warranty as to the performance or results you may obtain by using the Licensed Software. You are solely responsible for determining the appropriateness of using the Licensed Software and assume all risks associated with the use of it, including but not limited to the risks of program errors, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
In no event will ZOHO Corp. be liable to you or any third party for any special, incidental, indirect, punitive or exemplary or consequential damages, or damages for loss of business, loss of profits, business interruption, or loss of business information arising out of the use or inability to use the program or for any claim by any other party even if ZOHO Corp. has been advised of the possibility of such damages. ZOHO Corp's entire liability with respect to its obligations under this agreement or otherwise with respect to the Licensed Software shall not exceed the amount of the license fee paid by you for the Licensed Software.
ZOHO Corp. agrees to indemnify and defend you from and against any and all claims, actions or proceedings, arising out of any claim that the Licensed Software infringes or violates any valid U.S. patent, copyright or trade secret right of any third party; so long as you provide; (i) prompt written notice to ZOHO Corp. of such claim; (ii) cooperate with ZOHO Corp. in the defense and/or settlement thereof, at ZOHO Corp's expense; and, (iii) allow ZOHO Corp. to control the defense and all related settlement negotiations. The above is ZOHO Corp's sole obligation to you and shall be your sole and exclusive remedy pursuant to this Agreement for intellectual property infringement.
ZOHO Corp. shall have no indemnity obligation for claims of infringement to the extent resulting or alleged to result from (i) any combination, operation, or use of the Licensed software with any programs or equipment not supplied by ZOHO Corp; (ii) any modification of the Licensed Software by a party other than ZOHO Corp; and (iii) your failure, within a reasonable time frame, to implement any replacement or modification of Licensed Software provided by ZOHO Corp.
This Agreement is effective until terminated by either party. You may terminate this Agreement at any time by destroying or returning to ZOHO Corp. all copies of the Licensed Software in your possession. ZOHO Corp. may terminate this Agreement for any reason, including but not limited to your breach of any of the terms of this Agreement. Upon termination, you shall destroy or return to ZOHO Corp. all copies of the Licensed Software and certify in writing that all know copies have been destroyed. All provisions relating to confidentiality, proprietary rights, non-disclosure, and limitation of liability shall survive the termination of this Agreement.
This Agreement shall be construed, interpreted and governed by the laws of the State of California exclusive of its conflicts of law provisions. Any dispute arising out of or resulting from this Agreement shall be subject to the jurisdiction of courts in Alameda County, California and the parties waive any objection in respect of inconvenience thereof. This Agreement constitutes the entire agreement between the parties, and supersedes all prior communications, understandings or agreements between the parties. Any waiver or modification of this Agreement shall only be effective if it is in writing and signed by both parties hereto. If any part of this Agreement is found invalid or unenforceable, the remainder shall be interpreted so as to give reasonable effect to the intention of the parties. You shall not export the Licensed Software or your application containing the Licensed Software except in compliance with United States export regulations and applicable laws and regulations.
This section lists the minimum system requirements for installing and working with EventLog Analyzer.
For 32 Bit Installation
The minimum hardware requirements for installing and working with EventLog Analyzer are given below.
For 64 Bit Installation
The minimum hardware requirements for EventLog Analyzer to start running are listed below.
EventLog Analyzer is optimized for 1024x768 monitor resolution and above.
* The following table recommends the disk space and RAM size requirements of the system where EventLog Analyzer is installed. The disk space and RAM size requirements depends on the number of host sending log information to EventLog Analyzer, the number of host log records received per second or the host log data received per day by EventLog Analyzer. The calculation is worked out for 100 hosts and an average log record size of 350 bytes.
Log Records Rate or Volume | RAM Size | Hard Disk Space Requirement Per Month to Archive Logs |
100/sec or 4 GB/day | 2 GB | 85 GB |
500/sec or 20 GB/day | 4 GB | 400 GB |
1000/sec or 40 GB/day | 8 GB | 800 GB |
For better performance, you can replace the existing MySQL parameters mentioned in startDB.bat/sh, available under
Hardware RAM Size |
MySQL Parameter Changes |
---|---|
2 GB | " --innodb_buffer_pool_size= 1200M " |
3 GB | " --innodb_buffer_pool_size= 1500M " |
4 GB | " --innodb_buffer_pool_size= 1500M " |
EventLog Analyzer can be installed and run on the following operating systems and versions:
EventLog Analyzer has been tested to support the following browsers and versions:
'How to' videos will guide you to work with particular EventLog Analyzer functionalities.
EventLog Analyzer has an agentless architecture that uses built-in syslog & event log server to store the event logs & syslogs obtained from all the configured devices, and provides comprehensive event, compliance, and custom reports. This helps network administrators analyze system problems, improve network security, and reduce downtime of servers, workstations, domain controllers, switches, and routers of enterprise networks. The collected logs are parsed and stored in the inbuilt PostgreSQL database for analysis and report generation.
EventLog Analyzer supports event log and syslog data collection for over 80 manufacturers, hundreds of devices, platforms & services. Here is a partial list of supported data log sources.
EventLog Analyzer's Universal Log Parsing and Indexing technology allows it to collect, analyze, search, archive and generate reports from any machine-generated logs, even from data sources not listed below, as long as the received log data is in non-encrypted, human-readable format.
Click here download as PDF
EventLog Analyzer product performs better in the supported Operating Systems. Also, the EventLog Analyzer performance depends on the speed of the hosts. The product, in addition, maintains compatibility with the server parameter.
MySQL Database Tuning
MySQL database is bundled with EventLog Analyzer. The batch/script file (startDB.bat/sh) in which the parameters need to changed is located at
RAM Size
|
MySQL Parameter Changes
|
1 GB | Default configuration as given in the startDB.bat/sh file |
2 GB | " --innodb_buffer_pool_size=1200M " |
3 GB | " --innodb_buffer_pool_size=1500M " |
4 GB | " --innodb_buffer_pool_size=1500M " |
8 GB (64 Bit) | " --innodb_buffer_pool_size=3000M " |
16 GB (64 Bit) | " --innodb_buffer_pool_size=3000M " |
Java Parameters Tuning
For RAM size exceeding 2 GB for EventLog Analyzer server, follow these guidelines to allocate more memory to Java process. This will improve overall performance of the application.
Search for the following parameters in the file:
wrapper.java.initmemory=128
wrapper.java.maxmemory=512
Replace values 128 and 512 to 512 and 1024 respectively.
wrapper.java.initmemory=512
wrapper.java.maxmemory=1024
Open the file named run.bat/sh with text editor, located at <EventLog Analyzer Home>/bin directory.
Windows OS Configuration Method:
Search for the following parameters in the file:
set JAVA_OPTS=%JAVA_OPTS% -Xms128m -Xmx256m
Replace values 128m and 256m to 512m and 1024m.
set JAVA_OPTS=%JAVA_OPTS% -Xms512m -Xmx1024m
Linux OS Configuration Method:
Search for the following parameters in the file:
# Setup JBoss specific properties
JAVA_OPTS="$JAVA_OPTS -Xms128m -Xmx256m -Dprogram.name=$PROGNAME
-Djboss.server.type=com.adventnet.j2ee.deployment.system.AdventNetServerImpl
-Djboss.deploy.loc
alcopy=true-Djboss.boot.library.list=log4j-boot.jar,jboss-common.jar,
jboss-system.jar,AdventNetDeploymentSystem.jar,commons-logging.jar
Replace values 128m and 256m to 256m and 512m in the above command.
# Setup JBoss specific properties
JAVA_OPTS="$JAVA_OPTS -Xms256m -Xmx512m -Dprogram.name=$PROGNAME
-Djboss.server.type=com.adventnet.j2ee.deployment.system.AdventNetServerImpl
-Djboss.deploy.loc
alcopy=true -Djboss.boot.library.list=log4j-boot.jar,jboss-common.jar,jboss-
system.jar,AdventNetDeploymentSystem.jar,commons-logging.jar"
Save and close the run.bat/sh file.
Note: | Even though, you can change the settings up to 1500 in 32 bit installation in a dedicated server, it is not recommended. |
In case of 64 bit, 8 or 16 GB RAM, you can allocate the memory for Java process, based on the available physical memory.
You can increase the values by 30% and 60% of available physical memory to Min and Max values respectively.
The role of EventLog Analyzer in your organization IT is to collect, analyze, record and preserve the logs. The analysis of the logs will detect operational issues in systems and servers within the IT environment. It finds out internal security issues and assists in confirming compliance and forensic investigation. The performance of EventLog Analyzer in your environment is determined by the following factors: the rate at which the logs are generated, the number of hosts that require monitoring and the volume of logs produced.
Hardware Requirements for EventLog Analyzer
The basic hardware requirements for this particular type of systems are:
The basic hardware requirements for EventLog Analyzer to perform on this particular type of systems are:
Software Requirements for EventLog Analyzer
The basic software requirements for EventLog Analyzer to perform on your systems is listed below:
Supported OS
Configurations:
If EventLog Analyzer is installed in SuSE Linux, you need to ensure that in the mysql-ds.xml file located at
Supported Browsers
The following table focuses on the disk space and RAM size requirements of the system for installing EventLog Analyzer. This requirement is based on: the number of hosts for EventLog Analyzer to extract logs from; the rate of activities occurring per second or on per day basis.
The below mentioned data is computed by accounting 100 hosts to derive an average log size of 500 bytes.
Log Records Rate or Volume
|
RAM Size
|
Hard Disk Space Requirement
Per Month to Run EventLog Analyzer |
100/sec or 4 GB/day |
2 GB |
85 GB |
500/sec or 20 GB/day |
4 GB |
400 GB |
1000/sec or 40 GB/day |
8 GB | 800 GB |
The Method of Calculating the Required Hard Disc Space
EventLog Analyzer Disc Space scales to meet the growing collection of logs and the number of host devices configured for log collection. By default, the 'Archive' and 'Indexes' folder located at the product installation path tend to increase in size. It is advisable to calculate an estimate of the hardware requirement based on the specified criteria for a specific period of time and for 'x' number of devices. Consider the following method of calculating, considering the parameters to reach an estimate on the hard disc space requirement to run EventLog Analyzer:
Total Disc Space = Archive+Indexes + 5 GB
We can directly calculate the Archive content as below,
Archive = Average Log Size * Logs per sec per Host * 60 * 60 * 24 * No of Days * No of Hosts Indexes = 1.3 * Average Log Size * Logs per sec per Host * 60 * 60 * 24 * No of Days * No of Hosts = 1.3 * Archive
Since we are zipping the 'Archive' and 'Indexes' folders, the folder size will reduce by 90%, implying the zipping ratio as 10:1.
Therefore, the Total Disc Space would be ===> ( Archive + 1.3 * Archive )/10 + 4 days of archive + 7days of Index+ 5 GB) i.e., Default Archive zip interval is 4 days and Index zip interval is 7 days.
Average Log Sizes:
Storage Settings:
Noise Reduction:
EventLog Analyzer facilitates the filter option that will retain and prioritize only those logs in the database that are of corporate interest for a quick view. Rest of the logs are collected in the archive folder and are made available for viewing at any given point of time. Additionally, the filtering functionality also ensures the optimum use of hard disc. Gain an insight into the Database Filter option by accessing the link:
You may not want to apply the filtering technique to the generated logs. Regardless of the log type or severity, you may want all the logs to appear on the database as well as on the archive folder. To do so, you follow these guidelines:
Edit the runSec.bat/sh file located under <EventLog Analyzer Home>\bin directory and add the entry -filtBeforeArch 1 as below
Default Entry :
bin\SysEvtCol.exe -loglevel 2 -port 513 514 %*
Customized Entry:
bin\SysEvtCol.exe -loglevel 2 -filtBeforeArch 1 -port 513 514 %*
General Instructions to Control Disk Space Growth
In case of any disc space constraint, it is possible to shift the folders: Archive and Indexes to a different drive or Network Mapped Drive. To do so, you can access the options available on: Settings > Archive Settings page· A choice of locations is available for archiving and swapping the logs periodically. For instance, you can transfer the contents of the dormant archive to tape drive or high capacity storage for longer period of storage. Facility to assign separate dedicated drive(s) to archive log files in order to overcome the disk space limitation issue, is possible.
In case, the product is running in debug mode, after consulting the support personnel instruction, you should change it to default log level as soon as the support request is closed. Debug level will increase the 'log' folder growth (located under <EventLog Analyzer Home>\server\default directory).
For any other issues, please contact EventLog Analyzer Technical Support
The Free Edition of EventLog Analyzer is limited to handling event logs from a maximum of five hosts, whereas the Professional Edition can handle event logs from an unlimited number of hosts. There is no other difference between the two editions, with respect to features or functionality.
The trial version is a fully functional version of EventLog Analyzer Premium Edition. When the trial period expires, EventLog Analyzer automatically reverts to the Free Edition.
No, you do not have to reinstall or shut down the server. You just need to enter the new license file in the Upgrade License box.
This depends only on the capacity of the server on which EventLog Analyzer is installed. The EventLog Analyzer license does not limit the number of users accessing the application at any time.
Yes. As long as the web browser can access the server on which EventLog Analyzer is running, you can work with EventLog Analyzer from any location.
Yes absolutely. Install a 30-day trial version and register yourself during installation to avail free technical support during evaluation. For technical support contact eventlog-support@manageengine.com.
EventLog Analyzer is licensed based on number hosts or applications.Host means any server or device like switch, router etc., with a Syslog source or Windows Event Log source.
Application means EventLog Analyzer supported application. If you want to monitor a number of applications residing in a single machine, each application is considered as one unit of application license.
You can buy EventLog Analyzer directly from the ManageEngine Online Store, or from a reseller near your location.
No. Upgrading to a newer EventLog Analyzer version doesn't cost you. However, you need to have Annual Subscription License .
Yes you can install EventLog Analyzer in Linux machine. But WMI interface doesn't work with a Linux installation. However there is a work around. You can install a open source log forwarder like SNARE, to forward your Windows event log to the Linux server. For more clarification,watch our video on forwarding event logs to Linux EventLog Analyzer server through SNARE.
It is recommended that you install EventLog Analyzer on a machine with the following configuration:
Look up System Requirements to see the minimum configuration required to install and run EventLog Analyzer.
EventLog Analyzer can be started as a root user, but all file permissions will be changed, and later you cannot start the server as another user.
The web server port you have selected during installation is possibly being used by another application. Configure that application to use another port, or change the EventLog Analyzer web server port.
Normally, the EventLog Analyzer is installed as a service. If you have installed it as an application and not as a service, you can configure it as a service any time later. The procedure to configure as service, start and stop the service is given below.
To configure EventLog Analyzer as a service after installation:
Normally, the EventLog Analyzer is installed as a service. If you have installed as an application and not as a service, you can configure it as a service any time later. The procedure to configure as service, start and stop the service is given below.
To configure EventLog Analyzer as a service after installation:
The archiving feature in EventLog Analyzer automatically stores all logs received in zipped flat files. You can configure archiving settings to suit the needs of your enterprise. Apart from that, if you need to backup the database, which contains processed data from event logs, you can run the database backup utility, BackupDB.bat/.sh present in the
To take a backup of the existing EventLog Analyzer MySQL database, ensure that the EventLog Analyzer server or service is stopped and create a ZIP file of the contents of
Steps to take backup of MSSQL database:
Find the current location of the data file and log file for the database eventlog by using the following commands:
use eventlog
go
sp_helpfile
go
Detach the database by using the following commands:
use master
go
sp_detach_db 'eventlog'
go
Backup the data file and log file from the current location (
For Windows hosts, enter the host name and the authentication details, and then add the host. For Unix hosts, enter the host name and the port number of the syslog service, and then add the host. (Ensure that the syslog service is running, and that it is using the same port number specified here.)
The session information for each user can be accessed from the User Management link. Click the View link under Login Details against each user to view the active session information and session history for that user.
Please follow the below steps to move an existing EventLog Analyzer server to a new machine/server.
In-case of any issues while performing the above steps, please do not continue any further and contact eventlog-support@manageengine.com to assist you better.
To assign/change MySQL Database password, follow the below given steps:
Graphs are empty if no data is available. If you have started the server for the first time, wait for at least one minute for graphs to be populated.
Reports can be generated in HTML, CSV, and PDF formats. All reports are generally viewed as HTML in the web browser, and then exported to CSV or PDF format. However, reports that are scheduled to run automatically, or be emailed automatically, are generated only as PDF files.
Best value
Most popular
Enterprise-grade
*The quoted prices are for Annual Subscription License
Not sure which edition to pick? Fill this form to get help from our support team.