How to Monitor the Windows Event Logs
IsItUp can monitor your Event Logs network-wide and generate real-time alerts.
Event logs contain a large variety of information that is critical to
your system's health and security. However, they contain such a huge volume of
data that they are difficult to review. IsItUp simplifies this by scanning your
Event Logs and notifying you when important events occur based on your
selection criteria. IsItUp’s Event Log Monitor has the following features:
- Monitor event logs on both local and remote machines.
- Send alerts when event log entries are matched. Email alerts can be configured to include the matched Event Log entries.
- Determine event matches by using any combination of Type (Error, Information, etc.), Id, Source, Category, User, Computer and Description. For added flexibility, both ‘*’ and ‘?’ wildcard characters are supported for matching in any field.
- Start the Event Log scan at the point in the log where IsItUp last left off or scan within a specified interval. For example, IsItUp can always scan through the last hour’s event log records. In addition, a threshold can be set so that alerts are only triggered if the specified number of matched event log entries are found.
To get started quickly, first install IsItUp for a free 30 day trial.
Just click on the following link:
1. To create an IsItUp Event Log Monitor, right click in the leftmost
IsItUp window (the device list window) and select “New Device / Event Log
Monitor” from the shortcut menu.
2. To set up the monitor, fill in the name and group. Then enter the
remote information if the log is on another machine. The next step is to
select one or more event logs to monitor. Just click on the “Browse” button
for a list of the available Event Logs. The sample below shows monitoring
the “Security” log on a remote machine. Next, the match criteria need to be
defined. Each time an event log record meets the match criteria, the monitor
is deemed down. If any alerts or actions are configured, they will be
executed. Fields that are left blank are not considered for the match and in
effect match anything. The sample below has configured only Event Log
entries of Type “Error” with the word “Logon” in the description for the
match criteria. The final step in setting up an event log monitor is to
decide how the scan is to be done. You can configure the scan to always
start from the last record examined during the previous scan, or to always
cover a fixed amount of time back from when the scan starts.
3. The Event Log Monitor results are reported in several ways. First, the
details view (right window) shows the most recently matched records along
with other test information.
The Event Log report may be run at any time to get a list of all matched
Event Log records within a user specified time range.
A brief sample appears below:
The matched event log records can be emailed along with other information
about the event. A sample email is included below:
Device Event Log Monitor in File Server Group failed on Sun, May 13, 2012 15:56:10. The device has failed 2 consecutive times which exceeds the threshold set for this notification. The last successful test was on: Sun, May 13, 2012 13:56:10
The last matched Event Logs were:
Time: 05/13/12 15:22:00
Srce: Service Control Manager
Time: 05/13/12 15:11:30
Time: 05/13/12 08:35:06
Srce: Service Control Manager
For more information on how to customize Email and SMS alerts visit http://www.isitupnetworkmonitor.com/faqs/How do I customize Email%20and SMS alerts.htm
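
The match rules described in the feature list and in step 2 (blank fields match anything, ‘*’ and ‘?’ wildcards in any field, a scan interval and an alert threshold) can be sketched as follows. This is an added example, not IsItUp code. It assumes case-insensitive, whole-field matching, so a word inside a longer description is written as “*Logon*”; the function names and the sample records are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

FIELDS = ("type", "id", "source", "category", "user", "computer", "description")

def wildcard_to_regex(pattern):
    """Translate only '*' and '?' (the wildcards the page lists) to a regex."""
    parts = [".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern]
    return re.compile("".join(parts), re.IGNORECASE | re.DOTALL)

def entry_matches(entry, criteria):
    """True when every non-blank criterion matches; blank fields match anything."""
    for field in FIELDS:
        pattern = criteria.get(field, "")
        value = str(entry.get(field, ""))
        # Assumption: the pattern must cover the whole field (fullmatch).
        if pattern and not wildcard_to_regex(pattern).fullmatch(value):
            return False
    return True

def scan(entries, criteria, now, interval, threshold=1):
    """Return (alert, matched) for entries in the last `interval` before `now`."""
    matched = [e for e in entries
               if now - interval <= e["time"] <= now and entry_matches(e, criteria)]
    return len(matched) >= threshold, matched

# Constructed sample records, not real event log data.
NOW = datetime(2012, 5, 13, 16, 0, 0)
SAMPLE = [
    {"time": datetime(2012, 5, 13, 15, 22, 0), "type": "Error", "id": 9001,
     "computer": "FS01", "description": "Logon failure for account alice"},
    {"time": datetime(2012, 5, 13, 15, 11, 30), "type": "Information", "id": 9002,
     "computer": "FS01", "description": "Logon succeeded for account bob"},
    {"time": datetime(2012, 5, 13, 15, 40, 0), "type": "Error", "id": 9003,
     "computer": "FS02", "description": "Disk controller timeout"},
    {"time": datetime(2012, 5, 13, 8, 35, 6), "type": "Error", "id": 9001,
     "computer": "FS02", "description": "Logon failure for account carol"},
    {"time": datetime(2012, 5, 13, 15, 50, 0), "type": "Error", "id": 9004,
     "computer": "FS02", "description": "Remote logon denied for account dave"},
]
# Same criteria as the sample in step 2: Type "Error", "Logon" in the description.
CRITERIA = {"type": "Error", "description": "*Logon*"}

if __name__ == "__main__":
    alert, hits = scan(SAMPLE, CRITERIA, NOW, timedelta(hours=1), threshold=2)
    print("alert:", alert)
    for e in hits:
        print(e["time"], e["computer"], e["description"])
```

With a one hour interval the 08:35 record falls outside the scan, so only two records count toward the threshold; widening the interval changes whether the same criteria raise an alert.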