Monitoring the Windows Server Event Log
Learn how to monitor the Windows Server Event Log and share only filtered events to end users
This page describes what's being monitored for the Event Log Category in Nodinite, using one ore more role-based Monitor Views. Nodinite monitors the state, based on user-defined thresholds, either global or specific. For managing the Event Log, remote commands are available as Actions. These help you swiftly manage reported problems. The implemented Remote Actions are further detailed on this page.
Example with a list of monitored 'Event Log configurations' as resources in a Monitor View
- You must manually manage your Event Log configurations to monitor. Sharing insights is very easy from within Nodinite using Monitor Views.
- State Evaluation - Based on user-defined settings
- Category based monitoring - To help you sort out the different type of resources, the monitored Resources are grouped by Categories
The monitored Event Log configurations are displayed within Nodinite as Resources. For example, if you have 2 Windows Server configurations with 2 and 3 Event Log-configurations, then you will have 5 'Event Log' resources in Nodinite in total.
The name of the Resources are the same as the name for the Event Log-configuration
The 'Event Log' resource belongs to the following Category:
Category Description Event Log Make sure the Event Logs does not contain any events matching the user-defined settings
List of the Event Log related category as a filter in a Monitor View
The Application name is the Display Name from the configuration of the monitored Windows Server:
Each item (represented in Nodinite as a Resource) and is evaluated with a state. (OK, Warning, Error, Unavailable).
The evaluated state may be reconfigured using Expected State override setting that exists on every Resource within Nodinite.
Note: Depending on the user-defined synchronization interval set for the Windows Server Monitoring Agent, there might be a delay before Nodinite Web Client/Monitor Views reflects upon the change. Click on the Sync All button (or on the dropdown for individual agent selection) to force Nodinite to issue a resynchronization request.
Option to force Nodinite to issue a resynchronization request with the monitoring agent
For the Event Log category, the monitored state is evaluated as described in the table below:
|Unavailable||Service not available||
|Error||Error state raised||The 'Event Log' contains one or more matching events|| Clear
|Warning||Warning state raised||Not implemented||-|
|OK||Online||The 'Event Log' contains exactly 0 matching events|| Clear
You can have old events removed by applying a filter on old events. The time for this filter is the point in time when you either click on the Clear action, or by manually editing the value in the global configuration. For selected Event Log resource, simply click on the Action button and then click on the Clear menu item within the 'Control Center' section.
Filter old Log Events, using the 'Clear' action
You will then be prompted to confirm the intent to proceed with the operation:
Example of the 'Clear' prompt
Next, a modal will be presented with the result of the operation:
Example of successful clear operation
You can view details for the selected Event Log resource, simply click on the Action button and then click on the List Events menu item within the 'Control Center' section.
Open filtered Log Events modal, using the 'List Events' action
Next, the modal from the operation will be presented with a list of filtered Log Events according to the settings.
Example of the 'List Events' modal
You can expand any single entry by clicking on the small arrow button:
The recorded Log Event entry can also be viewed as XML, click on the View as XML tab:
Logged event as XML
In the bottom of the page the Settings for this Event Log configuration can be reviewed (read-only):
Example of settings for this Event Log configuration