Device Management

All the devices added to EventLog Analyzer for monitoring can be viewed under Settings > Configuration > Manage Devices.

In this page, you can find three tabs: Windows Devices, Syslog Devices and Other Devices. Under Windows Devices, you can use the Select Category drop-down menu to select a domain or workgroup.

1. Devices are displayed with the following icons: Search, Enable, Disable, Filter Change Monitor time interval, and Delete. The Filter option lets you choose the devices for reports by their status (enabled/disabled), state (active/inactive) and device group.


2. The table displays the following columns:


1. Checkbox against all devices
2. Actions: Configure event source file and Update icons.
3. Device Name
4. Device IP address
5. Last Message Time
6. Last Event Collected On
7. Next Scan On: Shows when the next scan is scheduled. The Scan Now link against each device will scan the device instantly.
8. Monitoring Interval: The period for collection of logs.
9. Device Group
10. Status: Status of log collection.

Quick Links

• Configuring Auto Log Forward for Unix machines
• Configure domains and workgroups
• Manage Device Groups

Manage Devices

How to add a device?

Refer to Add Device.

How to delete a device?

1. Go to Settings > Configuration > Manage Devices.
2. Select the appropriate tab from Windows Devices, Syslog Devices, Other Devices.
3. Select the checkbox(es) against the respective device(s).
4. Click the delete icon in the action menu.
5. Click Yes in the delete confirmation pop-up.

How to disable/enable a device?

1. Navigate to Settings > Configuration > Manage Devices.
2. Select the appropriate tab from Windows Devices, Syslog Devices, Other Devices.
3. Select the device(s) by selecting the respective check box(es).
4. Click the disable or enable icons in the action menu.

How to change the monitoring interval?

1. Navigate to Settings > Configuration > Manage Devices > Windows Devices
2. Select the device(s) by selecting the respective check box(es).
3. Click the Change monitor interval icon in the action menu.
4. In the box that opens, select the time interval in minutes as needed.
5. Click Update.

How to update a device's configuration?

1. Go to Settings > Configuration > Manage Devices > Windows Devices.
2. Click the edit icon for the device. For Syslog Devices and Other Devices,hover over the device for edit icon to appear.
3. This opens the Update Device box where you can edit Device Type, Device IP Address, Display Name and Log Collection Mode.
Note: The Log Collection Mode can be configured either for real-time log collection or for scheduled collection with monitoring interval.
4. Click Advanced to edit Encoding Type and Time zone.
5. Click Update.

How to configure event source files in a device?

1. Go to Settings > Configuration > Manage Devices > Windows.
2. Click the Configure Event Source Files icon for the device.
3. In the Event source files dialog box, select the type(s) of event source files.
4. Click Configure.

Configure Auto Log Forward for Unix devices

1. Go to Settings > Configuration > Manage Devices > Syslog Devices.
2. Select the Unix device by ticking the checkbox.
3. Click Configure Auto Log Forward in the Actions menu.
4. Enter the root login credentials for the Unix device and SSH port number.
5. For configuring syslog forwarding , enter the IP address of the EventLog Analyzer server.
6. Select the protocol — TCP/UDP.
7. Specify the Syslog Port number. Note that the default port numbers are 513 and 514 for UDP and 514 for TCP.
8. Click Verify & Update.