| General |
| |
| |
| |
| |
|
| |
| Installation & Deployment |
| |
| |
| |
| Troubleshooting |
| |
|
| |
| |
| |
|
|
|
| RSS Feeds |
| |
| |
|
| |
| |
| |
| |
| |
|
|
| General |
| Q1.
What is EventLogCentral? |
EventLogCentral, powered by EventTracker helps you to monitor all logs generated in your network from anywhere just with the help of a browser. It is an indispensable tool for System administrators, Security Analysts, and Compliance Auditors.
ELC is a secure web based user interface to manage log data collected by EventTracker.
|
| Q2.
What are the software and hardware requirements for EventLogCentral(ELC)? |
Hardware Requirement:
CPU |
3Ghz+ |
RAM |
1GB+ |
HDD |
10GB+ |
Software Requirement:
- Operating System: Windows 2003 Server (with the latest service packs), Windows 2000 Server (with the latest service packs).
- Web Browsers: Microsoft® Internet Explorer 6.0 and above (or) Firefox 2.0 (Mozilla) (or) Netscape 8.0 and above.
- Web Server: IIS 5.0 and above.
- Data Access Components: MDAC 2.7 and above (Microsoft Download Center).
- .NET Framework 2.0 (http://www.microsoft.com/downloads)
- EventTracker™ 6.0 and above
|
| Q3.
What is the necessity of Active Directory for accessing ELC? |
EventLogCentral provides two User Authentication options namely “Local Account” and “Active Directory”. You can select an appropriate option while installing ELC, through the EventLogCentral Configuration dialog.
If you want “Local Account” authentication, the user accounts and group accounts should preexist in the target computer. So, create user accounts and group accounts in the target computer before you attempt to install ELC.
If you want “Active Directory” authentication, the user accounts and group accounts should preexist in the Active Directory. So, create user accounts and group accounts in the Active Directory before you attempt to install ELC.
For more information, refer ELC Install Guide.
|
Q4. Can ELC can be accessed through any browser? |
ELC can be best viewed in Microsoft® Internet Explorer 6.0 or Mozilla.
|
Q5. What are Regular Expressions? |
Regular expressions are a powerful and flexible method for processing text information. EventLogCentral takes the unique approach of allowing you to use regular expressions for defining rules for filtering noise, triggering alerts or selecting records for reports.
|
Q6. What is ELC Administrator Group? |
Members of this User group (EventTracker Admin) have the administrative privileges on the application and can assign roles to other users.
|
| Installation & Deployment |
| Q1. What is the significance of creating EventTracker and EventTracker Admin user groups? |
To log on to ELC, the user must be a member of “EventTracker” user group. To administer roles in ELC, the user should be a member of “EventTracker Admin” user group.
EventLogCentral user authentication operates locally, that is confined to a particular computer or within Active Directory context. EventTracker & EventTracker Admin user groups must be created prior to installing EventLogCentral.
Creating Local User and Group Accounts
Note: To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admin group might be able to perform this procedure.
Summary
- Create user groups “EventTracker” and “EventTracker Admin” in the computer where EventLogCentral is to be installed.
- Create a local user. Example: “ETAdmin” (This could be any name).
- Add “ETAdmin” user to “EventTracker” group. Members of this group can only log on to ELC and do not have privileges to administer roles. To administer roles, add “ETAdmin” user to “EventTracker Admin” group.
- Add “ETAdmin” user to “Administrators” group on the computer where ELC is to be installed. You can provide this user credentials while installing ELC.
For more information, refer Creating Local User and Group Accounts section in the ELC Install Guide
Creating Active Directory User and Group Accounts
Note: To perform this procedure, you must be a member of the Account Operators group, Domain Admins group, or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority.
Summary
- Create user groups “EventTracker” and “EventTracker Admin” in the domain where EventLogCentral is to be installed.
- Create a domain user. Example: “ETAdmin” (This could be any name).
- Add “ETAdmin” user to “EventTracker” group. Members of this group can only log on to ELC and do not have privileges to administer roles. To administer roles, add “ETAdmin” user to “EventTracker Admin” group.
- Add “ETAdmin” user to “Administrators” group on the computer where ELC is to be installed. You can provide this user credentials while installing ELC.
For more information, refer Creating Active Directory User and Group Accounts section in the ELC Install Guide.
|
| Q2. How can we enable SSL for ELC site? |
Refer http://www.prismmicrosys.com/Support/latest guides/Securing IIS Web Server with SSL.pdf
|
| Q3. ASP.Net is not enabled on webserver(IIS) or Getting 'page not found ' when try to access ELC? |
Ensure that ASP.NET is enabled for the Web server. This can be checked as follows.
In Windows 2003
Click Start, point to Settings, and click Control Panel
Double-click Add or Remove Programs.
Click Add/Remove Windows Components.
Double-click Application Server.
Check if ASP.NET check box is selected. If not selected, select it.
Fig 1
Verify webserver extensions for ASP.Net:
a) Click Start, point to Settings-> Control Panel, double-click the Administrative Tools and then double-click the Internet Information Services Manager. The Internet Information Services window is displayed
b) Expand Web service Extensions.
c) If ASP.NET is enabled, 'ASP.NET v2.0.50727 (32-bit)' appears on right side. If the status is 'Prohibited' then select 'ASP.NET v2.0.50727 (32-bit)' and click on 'Allow' button. Without these changes, the application will not work as desired.
Fig 2
|
| Troubleshooting |
| Q1.While installing ELC, is it possible to provide any domain user or local user credentials? |
Yes, provided it depends on the User Authentication option you select in the Configure EventLogCentral dialog.
Local Account:
The user must be a member of “Administrators” user group on the computer where ELC is being installed. If you plan to install ELC with local user account, restart the computer, log in with local user credentials and then proceed with the installation. To log on to ELC, the user must be a member of “EventTracker” user group or the user should have been assigned a role. To administer roles in ELC, the user should be a member of “EventTracker Admin” user group.
Active Directory:
You can also user domain user account to install ELC provided the user must be a member of “Administrators” user group on the computer where ELC is being installed. To log on to ELC, the user must be a member of “EventTracker” user group or the user should have been assigned a role. To administer roles, the user should be a member of “EventTracker Admin” user group.
|
| Q2. Is it possible to change the password of the user, which I used to install ELC? |
Yes. It is necessary to update the new password through the ELC Configuration dialog i.e. Start -> Programs -> Prism Microsystems -> EventLogCentral -> Configure EventLogCentral.
|
| Q3.
I am getting a warning message from browser whenever any report is generated? |
Cause: Browser security
Resolution: Open Internet Explorer, and select Tools ® Options. Select the Advanced tab. Scroll down to Security. Uncheck the option "Do not save encrypted pages to disk". |
|
| Q4.
While accessing ELC through browser I am getting Configuration Error. Parser Error Message: Error reading the password from the registry? |
Cause: The domain/user may not exists in Active Directory or password for may domain/user have changed.
Resolution : Go to Start/Programs/PrismMicrosystem/EventLogCentral/Configure EventLogCentral
Enter the new password for ETAdmin in the ELCConfig dialogue and click Ok. |
|
| Q5. Generated On-Demand report/analysis is not downloaded or prompted for download. Why? |
Cause: The default security settings of Trusted Zone (provided corresponding website was added to this zone) never allows to prompt for downloading file or File download.
Resolution: Open a browser instance, Go to Tools -->Internet Option ->Security and select Trusted sites and Click Custom Level. Go to Downloads, Enable the following
- Automatic prompting for file downloads (this option is available in IE7)
- File Download
- Click Ok to Save and Close the popup
- Click Apply and Ok to Save and Close the internet option Dialogue
- Close the browser instance
The above steps will solve the problem of generating reports in PDF and DOCs
|
|
| Q6. The "Page cannot be found" error while starting ELC? |
If ELC is installed on 64-bit machine, then you will get the screen as shown in figure below:
- Open IIS Manager.
- Click the Web Service Extensions node in the left pane.
- Click the ASP.NET v2.0.50727 (32-bit) Web Service Extension in the right pane.
- The default Status is Prohibited. Click the Allow button.
- Restart the IIS server.
- Open the browser, and type the URL as "http://localhost/ELC/cwg_login.aspx" (https: if the Web site is SSL enabled). The ELC Login page will be displayed.
|
|
| Q7. I’m not getting navigation buttons in Quick View? |
Reason:
If IIS was installed after installing EventTracker or EventLogCentral and EventTracker have been installed on 2 different systems then this issue occurs. During EventTracker installation Crystal Reports runtime component is also installed. If IIS is installed after installing EventTracker application then binding between Crystal Reports runtime and IIS is not correct.
Solution:
Download "Crystal Reports for .NET Framework 2.0 x86 Redistributable Package (32 bit)" from the below mentioned site and install it on the system where EventLogCentral has been installed.
http://resources.businessobjects.com/support/additional_downloads/runtime.asp#07 |
|
| Q8. I get “Number of members in ‘EventTracker’ group exceeded licensed users” message while logging in to ELC? |
Reason:
Number of members in ‘EventTracker’ user group should have exceeded the number of user license you had purchased.
Solution:
Remove member(s) from EventTracker user group and restart ELCReceiver service for the changes to take effect. Number of member(s) in EventTracker user group should be less than or equal to the user license you have purchased.
You can also upgrade ELC to match with the number of members(s) in EventTracker user group. Contact sales@prismmicrosys.com to upgrade your license. |
|
| RSS Feeds |
| Q1. What is RSS? |
RSS (or Really Simple Syndication) feeds are free content feeds from Web sites, including washingtonpost.com, that contain article headlines, summaries and links back to full-text articles on the web.
EventLogCentral uses RSS for notification in generation of Reports(Scheduled, Queued), alert notification etc.
|
| Q2. What tools do I need to use RSS? |
To start using RSS, you need a special news reader or aggregator that displays RSS content feeds from Web sites you select. IE7 is the most popularly used RSS Reader. Also, there are many different news readers available, many of which are free of charge. Most are available as desktop software that you can download and install on your computer. Several Web-based news readers are available as well.
List of news readers (Yahoo).
|
| Q3. What are the benefits of using RSS? |
RSS is an easy way for you to be alerted when content that interests you appears on your favorite Web sites. Instead of visiting a particular Web site to browse for new articles and features, RSS automatically tells you when something new is posted online.
Click on the section title link to obtain the RSS URL, which you will see in the "Address" field of of your browser. Simply copy this URL and follow the instructions for your particular news reader to subscribe.
|
|
| Q4. What is a RSS Reader? |
An RSS Reader is used to read RSS Feeds.There are a lot of different RSS readers available. For viewing EventLogCentral Feeds, the rss reader should support RSS version 2.0.
|
|
| Q5. What are Enterprise Feeds? |
Enterprise Feeds are the feeds, which are configured from EventTracker Manager Console. User(s) of EventLogCentral can use this feed for notification.Management of these feeds can be done only at EventTracker Management Console.
|
|
| Q6. What are My Feeds? |
My Feeds are the feeds, which are user specific and can be managed by individual users through EventLogCentral. |
|
| Q7. How to subscribe Enterprise/My feeds in EventLogCentral? |
Users can subscribe to Enterprise/My Feeds. For example, while scheduling/queuing any Enterprise reports, My Reports or Analysis, users can subscribe to Enterprise/My Feeds. Whenever a report/analysis is generated, users will spontaneously get RSS notification and is visible through the standard RSS reader. |
|
| Q8. How to view ELC RSS feeds through RSS reader? |
Each ELC RSS feeds(Enterprise/My feeds) is associated with a URL. Users can subscribe to the corresponding feed by copying the feed channel links to RSS reader. |
|
| Q9. What interval should be to set to auto check for updates in RSS reader? |
It is advised to configure your rss reader to auto check for updates every 10 minutes so that the alerts are received faster and old alerts are not lost. |
|
| |
