Can We configure the GFI to collect AV Events like Kaspersky (Full Version)

mobi_khan -> Can We configure the GFI to collect AV Events like Kaspersky (16.May2008 7:21:51 AM)

Hi guyz,

I have configured GFI Event Manager for some of our critical systems for centralized monitoring and logging. It's been working fine for a couple of days but I am facing an issue that

1. When I see the Job activity on the GFI Event Manager I see that for one machine it's showing the following message:

"Error opening event log Security on machine abcd"
Any suggestions or help from you guyz???

2. We have configured Kaspersky AV on our machines and in the Windows Event Log I can see another node is added, "Kaspersky Event Log". Can we also configure the GFI Event Manager to collect logs from this new node??




LeoSanchez -> RE: Can We configure the GFI to collect AV Events like Kaspersky (21.May2008 10:32:58 AM)

Hello mobi_khan,

1 - This error normally occurs when the event logs are either corrupt or the account being used to connect to the target servers does not have access to the event log. Are you specifying alternate credentials for machine 'ABCD'? Or are you using the credentials of the GFI EventsManager service to connect to the target servers?

Determine which credentials are being used to access the target servers and log in to the GFI EventsManager server using these credentials. Once logged into the GFI EventsManager server with the proper credentials, follow the instructions outlined in this KB article - http://kbase.gfi.com/showarticle.asp?id=KBID002837. Once connected to the target server, try to access the event logs and see if you receive an error.

2 - You can use GFI EventsManager to collect custom event logs. Please review the following section of the online user manual for instructions on how to add the custom event logs - http://support.gfi.com/manuals/en/esm8/esm8manual.1.33.html.
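
The access check described in the reply above can also be scripted. This is an added example, not part of the original thread and not GFI's own tooling: it tries to read each log on the target with the collection account and reports whether the log exists, is readable, and which event sources it holds. It assumes PowerShell 3.0 or later and a target running Windows Vista/Server 2008 or later; `Test-EventLogAccess` is a hypothetical helper name, and the host `abcd` and the log names are taken from the question.

```powershell
# Added example: verify that an account can read specific event logs on a remote host.
param(
    [string]       $ComputerName = 'abcd',                               # machine from the thread
    [string[]]     $LogNames     = @('Security', 'Kaspersky Event Log'), # names as shown in the thread
    [pscredential] $Credential   = (Get-Credential -Message 'Account used to collect from this host')
)

function Test-EventLogAccess {
    param([string]$ComputerName, [string]$LogName, [pscredential]$Credential)

    $result = [pscustomobject]@{
        Computer = $ComputerName; Log = $LogName; Exists = $false
        Readable = $false; RecordCount = $null; Providers = $null; Error = $null
    }
    $remote = @{ ComputerName = $ComputerName; Credential = $Credential; ErrorAction = 'Stop' }
    try {
        # Step 1: does a log with this exact name exist on the target?
        $log = Get-WinEvent -ListLog $LogName @remote
        $result.Exists      = $true
        $result.RecordCount = $log.RecordCount

        # Step 2: can this account actually read records from it?
        $events = Get-WinEvent -LogName $LogName -MaxEvents 50 @remote
        $result.Readable  = $true
        $result.Providers = ($events.ProviderName | Sort-Object -Unique) -join ', '
    }
    catch {
        if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') {
            # The log opened fine but holds no records: access is not the problem.
            $result.Readable = $true
        }
        else {
            # Access denied, RPC/firewall failure, unknown log name, corrupt log, ...
            $result.Error = $_.Exception.Message
        }
    }
    $result
}

$LogNames | ForEach-Object { Test-EventLogAccess $ComputerName $_ $Credential } |
    Format-List

# Event Viewer may show a display name that differs from the real log name.
# List the non-empty logs on the target to find the exact name to give the collector.
Get-WinEvent -ListLog * -ComputerName $ComputerName -Credential $Credential -ErrorAction SilentlyContinue |
    Where-Object { $_.RecordCount -gt 0 } |
    Select-Object LogName, RecordCount
```

An `Error` value on the Security log while other logs read cleanly points at the account's rights on that machine; `Exists = False` for the custom log means the name entered does not match a log on the target.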




mobi_khan -> RE: Can We configure the GFI to collect AV Events like Kaspersky (16.Jun.2008 7:23:41 AM)

Hi,

I wanted to add the Kaspersky event log in the GFI Event Manager. I used the custom Event log option and gave the name of the custom event log which is appearing in the Event Viewer, "Kaspersky Event Log". Then I went into the Event browser and saw that the name of the custom Event ID is appearing in the Event Browser. I wanted to see which events are present in this newly created custom event but I did not find any event. I then created a query for this event, that is, I used the source option only, which in Windows is showing "klnagent". But I am not even seeing any kind of event.

Please guide me on what I should do to collect these events in the GFI Event Manager.




DrewE -> RE: Can We configure the GFI to collect AV Events like Kaspersky (16.Jun.2008 9:10:36 AM)

Have you tried setting up a new event processing rule for the events you are most interested in?



