Articles  
Search:   

How To setup EventLogMonitor Service

Article created 2003-02-24 by Rainer Gerhards.
Last Updated 2005-08-16 by Timm Herget.

1. First, right click on "Services", then select "Add Service" and then "Event Log Monitor":


2. Once you have done so, a new wizard starts.
If the following Popup appears, please select "Create Service":



Again, you can use either the default name or any one you like. We will use "My Event Log Monitor" in this sample. Leave the "Use default settings" selected and press "Next".

3. As we have used the default, the wizard will immediately proceed with step 3, the confirmation page. Press "Finish" to create the service. The wizard completes and returns to the configuration client.

4. Now, you will see the newly created service beneath the "Services" part of the tree view. To check its parameters, select it:


As you can see, the service has been created with the default parameters.

Note 1: The "Default RuleSet" has been automatically assigned as the rule set to use. By default, the wizard will always assign the first rule set visible in the tree view to new services. In our case, this is not correct and will be corrected soon.

Note 2: If you want to generate reports (using Monilog) on the data via this service i.e. EventLogMonitor, then you have to press the "Configure for Monilog" button and make the settings as shown in the screen-shot.

Note 3: If you want to generate reports (using MonitorWare Console) on the data via this service i.e. EventLogMonitor, then you have to uncheck the "Use Legacy Format" option. This is recommended. If you don't uncheck this option then meaningful reports aren't generated (i.e. reports are not properly consolidated by MonitorWare Console).

5. Now you must differentiate between clients and central hub server. In clients use the "Forward " RuleSet we have created in Step 2, select it as rule set to use. In central hub server select the "Database Logging" RuleSet we have created in Step 3. Leave all other settings in their default.

Clients:

Central hub server:

6. Finally, save the change and start MonitorWareAgent. This procedure completes the configuration of the syslog server.



MonitorWare Agent cannot dynamically read changed configurations. As such, it needs to be restarted after such changes. In our sample, the service was not yet started, so we simply need to start it. If it already runs, you need to restart it.

With step 5 the client machines configuration has finished. All the next steps are only concerned with the central hub server.

EventConsolidator - Monitor your Servers and Routers
 Home
 Products Information
Software Maintenance
Complete Price List
News Releases
Product Websites
 - MonitorWare Agent
 - WinSyslog
 - EventReporter
 - MonitorWare Console
 - SimpleMail
 - Password Manager for IIS
 - ActiveLogger
 - PocketPasswords
Customers
Security Advisories
 Resource Centers
General
IIS
Articles
Forum
Security Object Reference
Event Reference
Configuring Syslog
Unix & Linux Links
Seminars Online
Step by step
 About Adiscon
About us
Homepage
Contact Us
 Order & pricing
Order now
Pricing Information
Upgrade Insurance Info
Local Reseller
 Press
 Search
 

 



Printer Version Send this page to a friend

Copyright © 1988-2013 Adiscon GmbH All rights reserved.
Contact us via Secure Web Response | Privacy Policy
Topic Links: syslog | Free Weblinks Directory