|
|
Click the Host Details link to view the details on the EventLog Server and also the details of the hosts from which EventLog Analyzer is currently collecting event logs.
The Add New Host link lets you add
a new host to this list. Select multiple hosts and click the Delete
Host link to delete them all in a single click.
The Hosts Details table lists all the hosts from which event
logs are being collected.
| Field/Icon | Description |
|---|---|
or  or  or  or  or  |
This icon tells you whether this host is Linux/ Windows/ Cisco Routers / Switches. |
 |
Click this icon to edit attributes for this host |
or  |
Click this icon to enable or disable collecting event logs from this host |
| HostName | The host name of the machine from which event logs are collected |
| HostIPAddress | The IP Address of the host. |
| Delete | Click the 
icon to delete this host . To delete more than one host, use the check-box
to select the host. |
| Status | The status of log collection from this host. Hover over each icon to see the current status. |
| NextScanOn | Provides the time at which the next scan is scheduled. This is set while adding the host, where the field Monitor Interval in minutes decides the next schedule of the scan, the default being 10 minutes. The status of the hosts and performing unscheduled scans using the ScanNow link, impacts the next scanning schedule. |
| LastMessageOn | Displays the last time at which the host sent an event log to the server. |
| Action | The ScanNow link provides an option to do an
unscheduled scan. Until the scan is complete, Scanning 
in progress icon is displayed. |
Click the
icon next to the host to edit the log collection details for that host. Depending
on the type of host, the following details can be edited:
| Host Type | Host Detail | Description |
|---|---|---|
| Windows | Display Name | The name that is displayed for the host. |
| Login name/ password | The login details (credentials) needed to collect event logs from this host. You need to have Administrator privileges, and for applying the change of credentials to all the hosts in the particular domain, displayed in the field Domain Name, you need to select the option Apply login name and password changes to all domain(displayed below) authenticated hosts. | |
| Monitor Interval | The number of minutes after which the host will be polled for new event logs | |
| Host Group | Select the Host Group to which the hosts need to be changed to. Click the  icon to create a new host group. |
|
| Domain Name | The default domain name to which the host belongs is displayed. Select the option Use Domain Authentication if you are using domain credentials to access this host and collect logs. | |
| Unix / Cisco Device / Any Syslog Device | Display Name | The name that is displayed for the host. |
| Host Type | Select the Host Type to which the hosts need to be changes to. Click the icon to create a new host type. |
|
| Display Icon | Click on the Change Image link to change the icon that is displayed. You can select from a list of icons
or or or or or . You can also add your own icon using the  Add New Icon link. If you need to apply the changes to all the host belonging to this Host Group, you need to select the option Apply to all hosts in Group. |
|
| Host Group | Select the Host Group to which the hosts need to be changed to. Click the icon to create a new host group. |
|
| Syslog Listener Port | The listener port on which EventLog Analyzer is listening for event logs from this host. This is also the same port on which this host is forwarding event logs to EventLog Analyzer. |
Once you have made the changes, click Save Host Details to save the new settings for this host.
 |
When a host is deleted, it is removed from the database, meaning all host-related data is permanently deleted. |
Click on any host to view the event summary for that host.
The Host Details link also lists the ports on which EventLog Analyzer is listening for event logs. By default, Listening Ports 513 and 514 is added. When you add a UNIX host, and specify a different port other than 513 or 514 to collect logs, that port is automatically added to this list.
|
Any newly added syslog port will be displayed under Listening Ports only after a couple of minutes. |
|
|