Understanding event log monitoring

How does the event log monitoring work?

Event log monitoring is crucial to track specific events across all Windows devices in a unified console. Add event log checks to your Windows server and start monitoring them.

When the particular event occurs, then the event log check is turned to "Down" status and an alert will be triggered for the same.

For an event log check, the following are the mandatory fields:
  • Check Name
  • Log Type 
  • Severity Level
With the basic configuration, alerts will be triggered on the first occurrence of the event, based on the configured log type and severity level.

In advanced configuration, the user has to specify the event ID and the number of occurrences the event will occur. For number of occurrences 'n' greater than 1, the timeout period should be mentioned.

For example, if the number of occurrences is set to 2, the Windows server monitoring agent will notify Site24x7 only when the configured event check occurs 2 or more times. This will move the monitor status to trouble. For consecutive events, alerts will not be sent and the monitor status will continue to be in the trouble state. Only when the number of occurrences becomes less than 2, the monitor will be up again and the agent will continue to look for occurrence of the event 2 or more times.
    • Related Articles

    • How to collect Applications and Services Logs from Windows event logs

      Site24x7 AppLogs uses the Windows Management Instrumentation (WMI) query on the Site24x7 Server Monitoring agent to fetch event logs. The WMI module requires the registry entry below to read the event logs from the Applications and Services Log ...
    • Filtering Windows event logs before uploading

      You can filter Windows event logs in the agent side before uploading them to Site24x7. You can configure to eliminate the unwanted event IDs, so that you can skip them while uploading.  You can set these field configuration while Adding a Log Type, ...
    • A comparison on the overall capabilities of agent based server monitoring and On-Premise Poller

      Features Server Monitoring On-Premise Poller CPU, Memory and Disk usage Supported Specific to Poller supported monitor types. In Poller summary, we show Associated monitors JVM CPU & Memory utilization Down/Trouble history Services and Processes ...
    • Monitoring IPv6 enabled Internet Resources with Site24x7

      You can monitor your Internet resources over IPv6 from our supported locations. We've a wide network of monitoring locations around the globe with support for over 90 IPv4, including 60+ IPv6 enabled locations. Follow the steps below to start ...
    • Prerequisites for VMware VDI Monitoring

      Site24x7 monitors VMware Horizon as a part of VMware virtual desktop infrastructure (VDI) monitoring.  Site24x7 collects VMware VDI metrics using Windows On-Premise Poller via the PowerShell scriptlets available in VMware, known as the VMware ...