Verify a monitored remote service#

When to use this procedure#

Use for FTP, HTTP, IMAP, NNTP, Ping, POP3, SMTP, and related probes.

Applies to#

This procedure applies to EventReporter.

Prerequisites#

  • Use an account that can read the product configuration and Windows diagnostic state.

  • Replace angle-bracket placeholders with values from the affected system.

Safety#

  • Run diagnostic checks before changing configuration.

  • Remove passwords, private keys, license data, and other secrets from evidence.

Configuration path#

Configuration Client > the service, rule, or action named on the Event ID page.

Procedure#

  1. Record target, address family, port, TLS/authentication mode, timeout, and expected response.

    Expected result: The affected object and its effective settings are identified.

    If it fails: Return to the complete Event Log detail and configuration export before changing settings.

  2. Run the native Windows checks below from the affected product host.

    Resolve-DnsName -Name '<HOST>'
    Test-NetConnection -ComputerName '<HOST>' -Port <PORT> -InformationLevel Detailed
    

    Expected result: The endpoint is reachable and the smallest safe protocol request returns the expected response within timeout.

    If it fails: Correct DNS, route, listener, TLS, credentials, path, expected response, or measured timeout.

  3. Perform one uniquely identifiable product test through the same service, rule, or action.

    Expected result: The intended destination records the test exactly once.

    If it fails: Collect the first new product event and bounded debug output; do not change unrelated settings.

Verify the result#

Repeat the affected operation, confirm its positive output, and verify that queues, collection positions, or remote delivery continue normally.

Evidence to collect#

  • The complete Event Log entry and neighboring product events with timestamps.

  • The command output, relevant configuration export, and bounded debug log from the same interval.