Re: Event Log monitoring

From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 01/09/04

  • Next message: Karl Levinson [x y] mvp: "Re: Experts Only reply..Very risky security question..Experts invited" 
    Date: Thu, 8 Jan 2004 21:55:59 -0500

    www.ipsentry.com is one solution, starting around $100 US. It is
    inexpensive, has a lot of options for alerting you and monitors a lot of
    other things besides event logs as well. For example, it can alert you if
    things happen that don't generate an event log entry, such as the server or
    a service on it stops responding. And it's a little smart in that you can
    set up alerts in a hierarchy, so that if a router stops responding to ping,
    your pager or email won't get thousands of alerts when all the dozens of
    services you're monitoring on the hundreds of servers behind that router
    appear to stop responding. Similarly, you can configure it to alert you
    when a server doesn't respond three times, and then wait four hours before
    contacting a backup or someone above you. But if you want the data in a SQL
    server to do datamining and searching, It may not be it's your best option.

    Or you could use a free NT syslog utility similar to NTSyslog [there are at
    least one or two others as well] to get the event log entries into the SQL
    server. Or you could just use free log extraction utilities like the free
    command line utility from www.sysinternals.com and then set up scripts to
    port those text files into SQL somehow.

    "Brad Gravesen" <bgravesen@yvcc.edu> wrote in message
    news:#YVSTYj1DHA.2676@tk2msftngp13.phx.gbl...
    > Anyone have any decent suggestions for an Event Log monitoring system.
    I'm
    > looking for something to manage about 30 servers. I'm not really budgeted
    > for MOM or NetIQ App Manager, not to mention it's probably overkill. I'm
    > looking for something that can let me view the systems event log data in a
    > web page and allow me to setup rules and alerts. Preferably with a MSSQL
    > backend.
    >
    > Thanks,
    > Brad
    >
    >

  • Next message: Karl Levinson [x y] mvp: "Re: Experts Only reply..Very risky security question..Experts invited"

    Relevant Pages

    • Re: Monitoring and Alerts
      ... Relay settings for Exchange SMTP Virtual Server: ... we pursue the performance alerts issue further. ... | Subject: Re: Monitoring and Alerts ...
      (microsoft.public.windows.server.sbs)
    • Re: wmiprvse.exe using an average 95% CPU
      ... All other standard alerts do not cause the problem and can be left enabled. ... I have tried reinstalling the monitoring and this appeared to work for about ... make no difference (do I need to restart the server with this service set to ... related to monitoring and reporting. ...
      (microsoft.public.windows.server.sbs)
    • Re: Performance Logs and Alerts service not running
      ... It is SBS monitoring that is actually producing the error which does state ... that the automatically running service 'Performance Logs and Alerts' is not ... The Performance Logs and Alerts service ... This server has been running for a couple ...
      (microsoft.public.windows.server.sbs)
    • Re: Customizing Exchange Monitoring Notifications
      ... If you want customized monitoring, consider getting a copy of MOM Workgroup ... Does any know how to customize the Exchange server notifications aside ... the alerts stopped coming in. ...
      (microsoft.public.exchange.admin)
    • Re: What are the best general things to do after a dirty shutdown (Server SBS)
      ... Microsoft Windows Small Business Server 2003 Best Practices Analyzer ... After that, please post any event log errors, just the EventID# and Source names, not the whole error message. ... error 15100 Win32 Error 15100. ... One is indicating it can't retrieve info about the System log. ...
      (microsoft.public.windows.server.sbs)