We are happy to announce the availability of ManageEngine EventLog Analyzer Service Pack 3 (Build 4030).

To get the complete build (4030) follow the below URL.


Customers using earlier builds of EventLog Analyzer, please download the Service Pack 3 from the below URL. Please follow the instructions before applying the service pack.


You can access the online user guide (help document) from the below URL


Listed below are the feature enhancements, bug fixes and limitations of build 4030:

New Features and Enhancements

    > Support for collecting logs from customized event types.> Reports for PCI Compliance Audits.

    > Support for SNARE, syslog input from windows hosts identified as Windows and not as Unix.

    > Alerts can be generated based on AND / OR criteria search for multiple strings in collected system log messages.

    > Custom reports can be created based on log message filters.

    > Support for running user provided custom scripts while an alert is generated.

    > Provision to find which users have deleted files and folders.

    > Option to add new Device Type icons from the UI.

    > ssh logins are now captured in User logon and logoff reports.

    > Facility to view the custom report configuration details has been provided.

    > Support for creating an alert profile for more than one host or a group.

    > Option to specify subject for the alert notification through mail.

    > Syslog viewer display to be shown dynamically as log messages come in to EventLog Analyzer.

    > Option to connect the WBEMTEST by running the invokeWBEMTEST.bat in <EventLog Analyzer Home>\troubleshooting directory.

    > Automatic hard disk space alert has been provided.

Bug Fixes

    > Only one event was shown in a single page of the PDF report.> In Loading archive files for the Linux host the source name was not shown.

    > Search in the complete view page did not show the appropriate count of the search result and could not be exported.

    > Logon/logoff events were not captured for Solaris hosts.

    > In the Compliance report, Individual User Action details were not shown.

    > Details of the process with special characters were not shown.

    > In Load & Search of archived files, message based search criteria did not produce any results.

    > If email authentication is given for the mail server, alert were not mailed.

    > In global search, security based Event ID’s alone were searched.

Known Issues

    > Windows Vista is not fully supported.> Username is not parsed correctly for some EventID’s of the SNARE logs.

    > In the user based reports service account is also shown along with the user account.

    > Directory structure (eg: C:\AdventNet) in the log for windows machine is not shown correctly (eg: C:AdventNet).

For any assistance please write to support@eventloganalyzer.com

Thanks & Regards


EventLog Analyzer & Firewall Analyzer