Filtering Windows event logs before uploading

You can filter Windows event logs in the agent side before uploading them to Site24x7. You can configure to eliminate the unwanted event IDs, so that you can skip them while uploading. 

You can set these field configuration while Adding a Log Type, or after adding it by editing the log type. Following the steps below to set the configuration:

1. Log in to your Site24x7 account.
2. Go to Admin > AppLogs > Log Types > click on the Log Type Windows Event Logs.
3. In the Sample Output table, hover over the field name Event ID to find the  icon, and click on it. You'll be able to view the Field Configurations pop-up.
4. Define the unwanted event IDs under the Filter Log Lines option.
   
1. Select Log Lines only if this Field: Choose Doesn't Match to filter unwanted event IDs.
2. Any of these Values: Enter the event IDs that you don't want to upload.
   
5. Click Apply.
   
   

You can apply a filter for one or more fields in the log type to filter the logs.

Follow the steps in this doc for the rest of the configurations.

• Related Articles

• How to collect Applications and Services Logs from Windows event logs

  Site24x7 AppLogs uses the Windows Management Instrumentation (WMI) query on the Site24x7 Server Monitoring agent to fetch event logs. The WMI module requires the registry entry below to read the event logs from the Applications and Services Log ...

• How to retrieve logs from server-agent-based monitors?

  If you have a Windows agent, you can use the following path to retrieve the agent logs: Go to the installation directory > Site24x7 > WinAgent > Monitoring > Logs If you have a Linux server, you can retrieve logs for your server agent by using the ...

• Where are the Network Monitoring logs located?

  The default directories for installing the On-Premise Poller are: Windows: C:\Program Files(x86)\Site24x7OnPremisePoller Linux: /opt/Site24x7OnPremisePoller On-Premise Poller logs If you've installed the On-Premise Poller in the default directory ...

• How to retrieve logs from different Site24x7 monitors

  The log location varies with different agents and monitors. View a consolidated list here: Site24x7 Server Monitoring agent Monitor or module OS Directory, path, or command Detailed reference Server Monitoring Agent Windows Installation directory > ...

• Where are the On-Premise Poller logs located?

  The default directories for installing the On-Premise Poller are: Windows: C:\Program Files(x86)\Site24x7OnPremisePoller Linux: /opt/Site24x7OnPremisePoller If you've installed the On-Premise Poller in the default directory specified during ...