Filtering Windows event logs before uploading

Filtering Windows event logs before uploading

You can filter Windows event logs in the agent side before uploading them to Site24x7. You can configure to eliminate the unwanted event IDs, so that you can skip them while uploading. 

You can set these field configuration while Adding a Log Type, or after adding it by editing the log type. Following the steps below to set the configuration:
  1. Log in to your Site24x7 account.
  2. Go to Admin > AppLogs > Log Types > click on the Log Type Windows Event Logs.
  3. In the Sample Output table, hover over the field name Event ID to find the  icon, and click on it. You'll be able to view the Field Configurations pop-up.
  4. Define the unwanted event IDs under the Filter Log Lines option.
    1. Select Log Lines only if this Field: Choose Doesn't Match to filter unwanted event IDs.
    2. Any of these Values: Enter the event IDs that you don't want to upload.
  5. Click Apply.

Notes
You can apply a filter for one or more fields in the log type to filter the logs.
Follow the steps in this doc for the rest of the configurations.

    • Related Articles

    • How to retrieve logs from different Site24x7 monitors

      The log location varies with different agents and monitors. View a consolidated list here: Site24x7 Server Monitoring agent Monitor or module OS Directory, path, or command Detailed reference Server Monitoring Agent Windows Installation directory > ...

    • How to uninstall the Site24x7 Windows Server Monitoring Agent

      Method 1: To uninstall the Site24x7 Windows Server Monitoring Agent, click the link below: https://staticdownloads.site24x7.com/server/Site24x7WindowsAgentUninstall.zip Unzip and execute the Uninstall.bat file in the Command Prompt as an ...

    • Executables and scripts to allow for Windows server monitoring

      One of the reasons you could not enable Site24x7 server monitoring could be your organization's group policy denying access to the executables, scripts, and batch files associated with Site24x7 server monitoring. Mark the following executables, ...

    • Breakdown of the bulk action codes in the audit logs

      Use the below codes to read and understand the bulk actions in the audit logs: Bulk Action Codes Threshold Profile 0 Location Profile 1 Notification Profile 2 User Alert Groups 3 Check Frequency 4 IT Automation 5 Activate Monitor 6 Suspend Monitor 7 ...

    • No data for service and process in Windows server monitor

      If you see "No Data" for process and service metrics (such as CPU or memory usage of monitored services) in the Site24x7 Windows server monitor user interface, follow the troubleshooting steps below. Run PowerShell Commands Open PowerShell as ...