    Product Settings


    EventLog Analyzer offers numerous customization capabilities, including limits for emails and SMSs, alert email formats, correlation permissions, and notification settings. The Product Settings tab has two sections, each having certain customization options:

    Product Configurations

    To configure settings such as views per page, number of rows displayed in reports, and so on in EventLog Analyzer, navigate to Settings > Admin Settings > General > Product Settings > Product Configurations.

    A description of each of the settings is given below:

    | Configurations | Default Values | Description |
    |---|---|---|
    | Records Per Page | 10 | Select the number of records to be displayed on each page of the user interface. The options available are: 5, 10, 20, 25, 50, 75, 100, 250, and 500. |
    | Daily Email Limit | 500 | Set the maximum permissible number of emails that can be sent per day. Enable or disable the mail limit alert by selecting the Enable/Disable Mail Limit Alert checkbox. There could also be a mail server or client limitation on sending emails. |
    | Daily SMS Limit | 50 | Set the maximum permissible number of SMS messages to be sent per day. The telecom service provider often sets a limit on the number of SMS messages that can be sent per day. |
    | Alert Email Format | HTML | Select whether the alert emails are sent in HTML or plaintext format. |
    | Historic Log Collection | Disabled | Configure whether logs generated prior to the configuration of a device need to be collected by the product. |
    | Database Query Access | Enabled | Configure whether access to the product's database is allowed or denied. The product's database can be queried to access product data stored in it. |
    | Date and Time Format | yyyy-MM-dd HH:mm:ss | Set the date and time format to be displayed throughout the product. In addition to the few predefined formats available, you can create formats of your own. The following rules apply when creating your own date and time format: • The permitted separators are hyphen (-), slash (/), full stop (.), colon (:), comma (,), and space. • A space is the only separator that can be used between the date and the time. • There should not be any separators at the beginning or at the end. • Two continuous separators are not allowed. • Entering two characters for the month will display the month in numbers, whereas entering three characters will display it in words. Ex. 'MM' will display June as 06 and 'MMM' will display it as Jun. |
    | Export Limit | 20000 | Set the maximum number of records to be included in an exported report. |
    | Rows in Top N Reports | 10 | Set the number of rows to be displayed for reports under the Top N Reports section. |
    | Compliance Report Record Limit | 500 | Set the maximum number of records to be included in a Scheduled Compliance Report. |
    | Report Time Out | 25 mins | Set the maximum time allowed to generate a report. |
    | Attach Report As | ZIP Report | Select the report format to be attached in email. The available options are: PDF/CSV Report and ZIP Report. |
    | Reporting Mode | Send Email | Configure whether you want to save the reports in a folder on the machine, send them as mail attachments, or both. The reporting mode options available are Send Email, Save to Location, and Send Email & Save to Location. For the Save to Location and Send Email & Save to Location options, you have to enter the location to save the reports in the text box. |
    | Empty Reports Mailing Action | Mail without attachment | Configure whether you want to receive a mail when the reports are empty. There are two types of mail that you can receive. By selecting Mail without attachment, you will receive a mail without the empty reports. By selecting Mail with attachment, you will receive a mail with the empty reports attached. You can choose not to receive a mail by selecting Don't mail reports. |
    | Mitre ATT&CK framework | Disabled | When this option is enabled, consolidated data from the Mitre reports will be displayed on the new dashboard tab Mitre Overview. Note: This feature will increase log processing and might affect performance. |

    After making the necessary changes, click Save.
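
    The custom Date and Time Format rules listed above can be checked before a pattern is entered in the console. The following is an added example, not code from EventLog Analyzer; the function name `validate_format` is hypothetical, and the accepted pattern letters (y, M, d, H, m, s) are an assumption taken from the default format.

```python
import re

SEPARATORS = set("-/.:, ")   # separators the page permits
DATE_LETTERS = set("yMd")    # assumption: letters seen in the default pattern
TIME_LETTERS = set("Hms")    # assumption: extend if your build accepts more


def validate_format(pattern):
    """Return a list of rule violations; an empty list means the pattern passes."""
    errors = []
    unknown = sorted(set(pattern) - SEPARATORS - DATE_LETTERS - TIME_LETTERS)
    if not pattern or unknown:
        return ["empty pattern" if not pattern
                else f"unsupported characters: {unknown}"]
    # Rule: no separators at the beginning or at the end.
    if pattern[0] in SEPARATORS or pattern[-1] in SEPARATORS:
        errors.append("separator at the beginning or end")
    # Rule: two continuous separators are not allowed.
    if any(a in SEPARATORS and b in SEPARATORS
           for a, b in zip(pattern, pattern[1:])):
        errors.append("two continuous separators")
    # Rule: a space is the only separator allowed between date and time.
    prev_kind, gap = None, ""
    for match in re.finditer(r"(.)\1*", pattern):   # runs of one repeated char
        ch = match.group(1)
        if ch in SEPARATORS:
            gap += match.group(0)
            continue
        kind = "date" if ch in DATE_LETTERS else "time"
        if prev_kind and kind != prev_kind and gap not in ("", " "):
            errors.append(
                f"{gap!r} used between date and time; only a space is allowed")
        prev_kind, gap = kind, ""
    return errors


if __name__ == "__main__":
    # Constructed sample patterns, not taken from the product.
    for sample in ["yyyy-MM-dd HH:mm:ss", "dd/MMM/yyyy HH:mm",
                   "yyyy-MM-dd-HH:mm:ss", "yyyy--MM-dd", "-yyyy/MM/dd"]:
        print(f"{sample!r}: {validate_format(sample) or 'OK'}")
```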

    Product Notifications

    To configure the scenarios for which you want to receive notifications from EventLog Analyzer, navigate to Settings > Admin Settings > General > Product Settings > Product Notifications.

    The different scenarios for which you have the option of enabling or disabling alerts have been listed below:

    | Configurations | Description |
    |---|---|
    | License Expiry | You will be notified that your EventLog Analyzer license is about to expire exactly 30 days, 7 days, and 1 day prior to the expiry date, as well as on the day of expiry. |
    | EventLog Analyzer Down | You will be notified when the EventLog Analyzer service crashes or stops. |
    | EventLog Analyzer Upgrade | You will be notified when EventLog Analyzer has been successfully upgraded. |
    | Unprocessed Log Files | When EventLog Analyzer is unable to process the incoming logs fast enough, the unprocessed logs will be added to files. They will be processed one after the other once EventLog Analyzer is able to process logs. You can set a limit on the number of files which get filled with unprocessed logs. You will be notified once the limit is exceeded. In a new installation of EventLog Analyzer, the default value for Unprocessed Log Files is 100. |
    | Low Disk Space | You will be notified when the free space available on the disk on which EventLog Analyzer is installed goes below a certain value. You can set the limit in terms of GB of free disk space and give a suitable subject for the email which will get triggered. |
    | Log Collector Failure | You will be notified when EventLog Analyzer's log collector is unable to collect logs. You can configure the subject of the email which will get triggered. |
    | Archive integrity | You will be notified by email when archive files are deleted or tampered with. |

    Note: In a new installation of EventLog Analyzer, notifications will be turned on by default for License Expiry, EventLog Analyzer Down, EventLog Analyzer Upgrade, and Unprocessed Log Files.

    • After configuring the necessary notification settings, select whether those notification emails need to be sent to all EventLog Analyzer Admins or only to specific email addresses, which you can enter in the corresponding text box.
    • Then, click Save to complete the configuration.

    Security Patch Updates

    Whenever critical vulnerabilities are discovered in EventLog Analyzer, a security patch update is pushed to help mitigate any security threats. The Security Patch Update option has to be enabled for automatic download of security patches, whenever available.

    Prerequisites:

    • An internet connection should be available.
    • The Zoho Creator website should be whitelisted, as the patches are downloaded from there.

    Enabling Security Patch Update in EventLog Analyzer:

    In the EventLog Analyzer console, go to Settings > Product Settings > Enable Security Patch Update > Save.
