Articles  
 

How To setup EventLogMonitor Service

Article created 2003-02-24 by Rainer Gerhards.
Last Updated 2006-12-21 by Florian Riedl.


Note: This guide was initially written for MW Agent, but the steps are the same in EventReporter.

1. First, right click on "Services", then select "Add Service" and then "Event Log Monitor":


2. Once you have done so, a new wizard starts.
If the following Popup appears, please select "Create Service":



Again, you can use either the default name or any one you like. We will use the default name in this sample. Leave the "Use default settings" selected and press "Next".

3. As we have used the default, the wizard will immediately proceed with step 3, the confirmation page. Press "Finish" to create the service. The wizard completes and returns to the configuration client.

4. Now, you will see the newly created service beneath the "Services" part of the tree view. To check its parameters, select it:


As you can see, the service has been created with the default parameters.

Note 1: The "Default RuleSet" has been automatically assigned as the rule set to use. By default, the wizard will always assign the first rule set visible in the tree view to new services. In our case, this is not correct and will be corrected soon.

Note 2: If you want to generate reports (using Monilog) on the data via this service i.e. EventLogMonitor, then you have to press the "Configure for Monilog" button and make the settings as shown in the screen-shot.

Note 3: If you want to generate reports (using MonitorWare Console) on the data via this service i.e. EventLogMonitor, then you have to uncheck the "Use Legacy Format" option. This is recommended. If you don't uncheck this option then meaningful reports aren't generated (i.e. reports are not properly consolidated by MonitorWare Console).

5. Finally we have to bind a ruleset to this service or else nothing will happen. If you already have a ruleset, simply choose one. If not, then follow this link to a appropriate guide:
Ruleset Creation with "Forward SETP"
Remember, this is only an example. You could use any action you like.

6. Finally, save the change and start MonitorWareAgent. This procedure completes the configuration of the syslog server.



MonitorWare Agent cannot dynamically read changed configurations. As such, it needs to be restarted after such changes. In our sample, the service was not yet started, so we simply need to start it. If it already runs, you need to restart it.

That's it. This is how you create a simple EventLog Monitor.

EventReporter
 Home
 Product Info
General Information
MonitorWare Products
Edition Comparison
Order and Pricing
Upgrade Insurance Info
News Releases
Version History
Product Tour
 - Screenshots
 Download
 Reference library
General Information
Step-by-step guides
 - All
 - Installation and Configuration
 - Services related
 - Actions related
 - Central Monitoring
Common Uses
Centralized monitoring
Security Reference
 Help
Support
Manual
FAQ
 - All
 - General questions
 - Installation and updates
 - EventReporter 6.x specific
Articles
Seminars Online
 - All
 - General
 - EventReporter related
 Order & pricing
Order now
Editions
Pricing Information
Upgrade Insurance Info
Local Reseller
 Contact Us
 Search
 
 



Printer Version Send this page to a friend

Copyright © 1988-2005 Adiscon GmbH All rights reserved.
Contact us via Secure Web Response | Privacy Policy
Topic Links: syslog | Free Weblinks Directory