Can We configure the GFI to collect AV Events like Kaspersky
|
Logged in as: Guest
|
|
Users viewing this topic:
none
|
|
Login  | |
|
Can We configure the GFI to collect AV Events like Kasp... - 16.May2008 7:21:51 AM
|
|
|
mobi_khan
Posts: 7
Score: 0
Joined: 16.May2008
Status: offline
|
Hi guyz,
I have configured GFI Event Manager for some of our critcal system for centeralized monitoring and logging. Its been working fine from a couple of days but I am facing an issue that
1. When I see the Job activity on the GFI Event Manager I see that for one machine its showing the follwoing message:
"Error opening event log Security on machine abcd"
Any suggestions or help from you guyz???
2. We have configured Kaspersky AV on our machines and in the windows Event Log I can see another node is added "Kaspersky Event Log". Can we also configure the GFI Event Manager to collect logs from this new node??
|
|
|
|
|
RE: Can We configure the GFI to collect AV Events like ... - 21.May2008 10:32:58 AM
|
|
|
LeoSanchez
Posts: 23
Score: 0
Joined: 28.Apr.2008
Status: offline
|
Hello mobi_khan,
1 - This error normally occurs when the event logs are either corrupt or the account being used to connect to the target servers do not have access to the event log. Are you specifiying alternate credentials for machine 'ABCD'? or are you using the credentials of the GFI EventsManager service to connect to the target servers?
Determine which credentials are being used to access the target servers and login to the GFI EventsManager server using these credentials. Once logged into the GFI EventsManager server with the proper credentials following the instructions outlined in this KB article - http://kbase.gfi.com/showarticle.asp?id=KBID002837. Once connected to the target server try to access the event logs and see if you receive an error.
2 - You can use GFI EventsManager to collect custom event logs. Please review the following section of the online user manual for instructions on how to add the custom event logs - http://support.gfi.com/manuals/en/esm8/esm8manual.1.33.html.
_____________________________
Regards,
Leo - Technical Support Team Lead
GFI Software - www.gfi.com
|
|
|
|
|
RE: Can We configure the GFI to collect AV Events like ... - 16.Jun.2008 7:23:41 AM
|
|
|
mobi_khan
Posts: 7
Score: 0
Joined: 16.May2008
Status: offline
|
Hi,
I wanted to add the kaspersky event log in the GFI event Manager. I used the custom Event log option and gave the Name of the Custom Event Log which is appearing in the Event Viewer "Kaspersky Event Log". Then I went into the Event browser and Saw that the name of the custom Event ID is appearing in the Event Browser. I wanted to see which events are present in this new created custom event but i did not find any event. I then crated a query for this event that is i used the source option only which is in windows showing "klnagent". But i even not seeing any kind of event.
Please guide me what do I do to collect these events in the GFI Event Manager?
|
|
|
|
|
RE: Can We configure the GFI to collect AV Events like ... - 16.Jun.2008 9:10:36 AM
|
|
|
DrewE
Posts: 85
Score: 0
Joined: 28.Apr.2008
From: Cary, NC
Status: offline
|
Have you tried setting up a new event processing rule for the events you are most interested in?
_____________________________
Drew Easley - Technical Support Representative
GFI Software - www.gfi.com
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
Printable Version
