![]() ![]() ![]() |
The Event Log is a Windows service that logs about program, security, and system events occurring in Windows devices. The events can be related to some application, system or security. You can monitor these events using OpManager and configure to generate alarms when critical events are logged. OpManager uses WMI to fetch the details of these logs and hence you need to provide the log on details of a user with administrative privilege to connect to the Windows machine.
You can view the list of all events monitored by OpManager, by clicking Event Log Rules under the Admin tab.
Monitoring Windows Events in a Device
To monitor Windows events, you need to associate the event log monitors with the device. To do so, follow the steps given below:
Using the Quick Configuration Wizard
Alternatively, you can associate an event log rule with many devices at a time using Quick Configuration wizard.
Creating an Event Log Monitor
To create an event log monitor, follow the steps given below:
Under the Admin tab, click Event Log
Rules.
In this page, you can see the rules supported by OpManager. They are
categorized into Applications, Security, System, DNS Server, File
Replication Service, and Directory Service. You can add the event logs
that you want to monitor under any of these categories.
Click New Rule under any one of the categories
to add a rule in it.
Entries to all the fields except Rule Name are optional. Event ID is a
required field to identify the event but can be left empty in few
exceptional cases, such as you want to monitor all events that are of
the Event Types, say, error or information. Here the filter will be
based on the Event Type.
Type a unique Rule Name.
Enter the Event ID to be monitored. This is the unique identifier for the event logs.
Enter the event Source. This is the name of the software that logs the event.
Enter the event Category. Each event source defines its own categories such as data write error, date read error and so on and will fall under one of these categories.
Type the User name to filter the event log based on the user who has logged on when the event occurred.
Choose the Event Types to filter the event logs based on its type. This will typically be one among Error, Warning, Information, Security audit success and Security audit failure.
Enter the string to be compared with the log message. This will filter the events that contains this string in the log message.
Choose a severity for the alarm generated in OpManager for this event.
You can now associate this rule to the required devices.
![]() ![]() ![]() |