Understanding event log monitoring

How does event log monitoring work?

Event log monitoring lets you track specific events across all your Windows devices from a unified console. Add event log checks to your Windows server to start monitoring them.

When the configured event occurs, the event log check changes to "Down" status and an alert is triggered.

For an event log check, the following fields are mandatory:
  • Check Name
  • Log Type
  • Severity Level

With the basic configuration, alerts will be triggered on the first occurrence of the event, based on the configured log type and severity level.

In advanced configuration, the user has to specify the event ID and the number of occurrences of the event. If the number of occurrences 'n' is greater than 1, a timeout period must also be specified.

For example, if the number of occurrences is set to 2, the Windows server monitoring agent will notify Site24x7 only when the configured event check occurs 2 or more times. This will move the monitor status to trouble. For consecutive events, alerts will not be sent and the monitor status will remain in the trouble state. Only when the number of occurrences drops below 2 will the monitor be up again, and the agent will continue to look for 2 or more occurrences of the event.
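
The threshold behaviour described above, modelled as an added example (this is not Site24x7 agent code). It assumes the timeout period acts as a sliding window over matching events; the class and function names, event IDs and timestamps are constructed for illustration.

```python
from collections import deque
from datetime import datetime, timedelta

class EventLogCheck:
    """Model of an advanced check: event ID, occurrence threshold, timeout window."""

    def __init__(self, event_id, occurrences, timeout_seconds):
        self.event_id = event_id
        self.occurrences = occurrences
        self.window = timedelta(seconds=timeout_seconds)
        self.hits = deque()  # timestamps of matching events still inside the window
        self.status = "up"

    def _evaluate(self, now):
        # Assumption: occurrences older than the timeout period no longer count.
        while self.hits and now - self.hits[0] > self.window:
            self.hits.popleft()
        previous = self.status
        self.status = "trouble" if len(self.hits) >= self.occurrences else "up"
        # Alert only on the up -> trouble transition, not on later matching events.
        return previous == "up" and self.status == "trouble"

    def observe(self, event_id, timestamp):
        """Feed one log record; returns True when an alert should be sent."""
        if event_id == self.event_id:
            self.hits.append(timestamp)
        return self._evaluate(timestamp)

    def tick(self, now):
        """Re-evaluate with no new event so the check can recover to 'up'."""
        return self._evaluate(now)


def replay(check, records):
    """Run (offset_seconds, event_id) records; return [(offset, status, alerted)]."""
    start = datetime(2024, 1, 1, 9, 0, 0)
    out = []
    for offset, event_id in records:
        ts = start + timedelta(seconds=offset)
        alerted = check.tick(ts) if event_id is None else check.observe(event_id, ts)
        out.append((offset, check.status, alerted))
    return out

# Constructed sample: event ID 4625, threshold 2, 60-second timeout; None = no event.
SAMPLE = [(0, 4625), (10, 4624), (30, 4625), (40, 4625), (120, None), (130, 4625)]

if __name__ == "__main__":
    for row in replay(EventLogCheck(4625, 2, 60), SAMPLE):
        print(row)
```

In the sample, the alert fires once at the second matching event, the third is suppressed while the check is already in trouble, and the check returns to up once the matches age out of the window.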