![]() ![]() ![]() |
EventLog Analyzer provides a facility to save the server and client configurations to use it for future restart.
![]() |
This option is enabled only for users with Admin access level and not for Operator or Guest access level |
Click the ELA Configurations link under the Settings tab to change the configured values or restore the default values and save the settings for future use.
The following configurations can be carried out:
EventLog Analyzer Configuration
Configurations |
Default Values |
Value Options |
Description |
View Per Page: | 10 | 5, 10, 20, 25, 50, 75, 100, 150, 200 | You can select the number of hosts to be displayed in the web client pages. |
Low Disk Space Alert: | 5 GB | You can enable or disable the Low Disk Space Alert. If you enable, an alert will be generated when the disk space availability of EventLog Analyzer Archive Logs and Log data falls below the set threshold. You can set the threshold value. | |
Direct Export Report Limit: | 20000 | The maximum number of records to be included in a directly exported report | |
Rows in Top N Reports: | 10 | You can set the number of rows to be displayed for reports under Top N Reports section. | |
Custom Report Record Limit: | 1000 | The maximum number of records to be included in a Scheduled Custom Report | |
Compliance Report Record Limit: | 500 | The maximum number of records to be included in a Scheduled Compliance Report | |
Report Time Out: | 25 mins | You can set the maximum time allowed to generate a report. | |
Attach Report As: | ZIP Report | PDF/CSV Report, ZIP Report | You can select the report format to be attached in Email. |
Daily Mail Limit: | 500 | You can set the maximum permissible number of Email to be sent per day. You can enable or disable mail limit alert by selecting the Enable/Disable Mail Limit Alert check box. | |
Daily SMS Limit: | 50 | You can set the maximum permissible number of SMS messages to be sent per day. | |
Reporting Mode: | Send Mail | Send Mail, Save To Folder, Send Mail & Save To Folder | With this configuration you can configure the reports saved in any folder in the machine and/or send them as mail attachements. For Save To and Send Mail & Save To Folder options, you have to enter the location to save reports, in the text box besides the option combo box. |
Click the [ Fill with default values ] link to restore the default value for the above configurations.
Once you have made the required changes, click Save button to save the settings changes. Click Cancel to return to the default Settings tab.
Configure Oracle Hosts in EventLog Analyzer
To configure hosts for which you want to monitor Oracle logs carry out the procedure given below.
After Configuring Oracle Hosts in EventLog Analyzer, carry out the configuration given below in Oracle server.
Oracle Server Configuration
Reference: http://download.oracle.com/docs/cd/B28359_01/network.111/b28531/auditing.htm#CEGBIIJD
For Oracle server installed in Windows platform
connect to sqlplus
ALTER SYSTEM SET AUDIT_TRAIL=OS SCOPE=SPFILE;
For Oracle Server installed in Unix platform
To enable Oracle syslog auditing, follow the procedure given below:
For example: ALTER SYSTEM SET AUDIT_TRAIL=OS SCOPE=SPFILE;
Set the AUDIT_SYSLOG_LEVEL parameter to specify a facility and priority in the format AUDIT_SYSLOG_LEVEL=facility.priority.
facility: Describes the part of the operating system that is logging the message. Accepted values are user, local0–local7, syslog, daemon, kern, mail, auth, lpr, news, uucp, and cron.
The local0–local7 values are predefined tags that enable you to sort the syslog message into categories. These categories can be log files or other destinations that the syslog utility can access. To find more information about these types of tags, refer to the syslog utility MAN page.
priority: Defines the severity of the message. Accepted values are notice, info, debug, warning, err, crit, alert, and emerg.
The syslog daemon compares the value assigned to the facility argument of the AUDIT_SYSLOG_LEVEL parameter with the syslog.conf file to determine where to log information.
For example, the following statement identifies the facility as local1 with a priority level of warning:
AUDIT_SYSLOG_LEVEL=local1.warning
See Oracle Database Reference for more information about AUDIT_SYSLOG_LEVEL.
For example, assuming you had set the AUDIT_SYSLOG_LEVEL to local1.warning, enter the following:
local1.warning /var/log/audit.log
This setting logs all warning messages to the /var/log/audit.log file.
$/etc/rc.d/init.d/syslog restart
Now, all audit records will be captured in the file /var/log/audit.log through the syslog daemon.
Print Server Configuration
To configure Print Servers for which you want to monitor the logs carry out the procedure given below.
After Configuring Print Server in EventLog Analyzer, carry out the configuration given below in Print Server.
Print Server Configuration
If the Print Server host is a 64 bit Windows OS machine (i.e., Windows Vista and above), carry out the following registry configuration:
![]() |
This configuration is not required for 32 bit Windows OS versions |
![]() ![]() ![]() |