Monitoring Windows Event Log using ActiveXperts

Monitor Windows Event Log
    Figure 1: ActiveXperts Network Monitor Windows Event Log Check


ActiveXperts solution to monitor Windows Event Log

ActiveXperts Network Monitor can read Windows Event logs on local- or remote computers. It can look for specific Event Sources, Categories, Event ID's and so on. It can look for a pattern in the Description of the Event. It can do advanced filtering in Event Logs; it can look for multiple events in the Event Log, and notify the system administrator if one of the Events occurred in a specific time interval. For instance, as a network administrator, you want an alert if there's a McAfee or Norton virus message in the Application Event Log, but only if the event is posted in the last 30 minutes. ActiveXperts Network Monitor uses VBScript and WMI for this. It enables you to fully customize Event Log filtering, speeding up performance by checking for more than one event in each cycle.

An Event Log check requires the following parameters:

  • Computer - The host name or the IP address of the computer you want to monitor;
  • Log File - The Log File to be checked. Choose the appropriate log file, for instance: 'Application', 'Security', 'System', or server-related log (like DNS, Exchange, etc.);
  • Credentials - Select alternate Windows credentials if required;
  • Information/Warning/... - Filter these event types;
  • Source - Filter events that match this Event Source;
  • Category - Filter events that match this Event Category;
  • ID - Filter events that match this Event ID;
  • User - Filter events that match this User;
  • Description matches string - Filter events that match the description string in the Event Message;
  • Only Events from the last x minutes - This options allows you to discard errors that happened in the past. For instance, if you don't want to be notified about error events that happened in the past (like a week ago), use this option;
  • This check will fail if such event is found/not found - Specify whether this check will fail or succeed when an event is found.