Currently the only option is to write to the Application event log. It would be very useful to be able to write events to any event log available on the server including custom logs.
I came here to the community boards just looking to add this to the topics! This is a HUGE one for us!!!!
By “Any Event Log” do you mean writing to, like, the Windows event log on any network server? Can you elaborate on why that would be helpful or provide specific scenarios?
I would be looking to write events to custom event logs on the same server that Kiwi is running on. We write many thousands of entries to the Application log and it would be cleaner if some of the events were to go to a specific event log.
We do this now with either Eventcreate (legacy) or PowerShell, but this involves writing a script, invoking a shell, and then the Kiwi rule. If the option existed to choose any event log, including custom logs, within Kiwi it would be a simple config item.
Here's the comment I left in the forum:
Is there no way to create a custom Event log and log items to it? Can you not change the event IDs of any of your rules? Can you at least parse any of the syslog message to the event in order to change the hostname it's coming from or source? Can you not modify the message as it is logged, maybe to strip out the date and time (in order to set consolidation of alerting in other programs you are catching these alerts)? All I am able to do is change the message type (Event Level).
This is a HUGE win for us if ANY of these ideas can be added.
Currently we are sending SAN array alerts through syslog and catching them through Kiwi. Kiwi is logging to the event log and SCOM is picking it up and notifying the correct party. However, there is not much we can do at the moment in Kiwi to have the event logged in a way to use several different actions in SCOM, since your choices are only Warning, Error, or Informational.
Please let me know if you are having any of these same problems or if you know another way around this. There are free syslog servers that aren't nearly as good as syslog for filtering and rules, but you have the options to send alerts to several different custom Event logs.
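The script-based workaround mentioned in the posts above (a PowerShell script invoked from a rule), as an added example that is not from any poster or from the Kiwi product. It assumes Windows PowerShell 5.1; the log name `StorageAlerts`, the source `SAN-Syslog`, the 1000+ event ID scheme and the script parameters are hypothetical, and how the rule passes the message, host and severity to the script is left to the caller.

```powershell
# Added example, not product code. Hypothetical names: StorageAlerts, SAN-Syslog.
param(
    [Parameter(Mandatory)][string]$Message,     # raw syslog message text
    [string]$Hostname = 'unknown',              # originating device
    [ValidateRange(0, 7)][int]$Severity = 6     # syslog severity, 0 = emergency
)

$LogName = 'StorageAlerts'   # custom event log (assumption)
$Source  = 'SAN-Syslog'      # event source bound to that log (assumption)

# One-time setup: creating a log and registering a source requires
# administrator rights, so run this once elevated or as the service account.
if (-not [System.Diagnostics.EventLog]::SourceExists($Source)) {
    New-EventLog -LogName $LogName -Source $Source
}

# Map syslog severity to an event level, and give each severity its own
# event ID so a monitoring tool can act on more than three levels.
if     ($Severity -le 3) { $EntryType = 'Error' }
elseif ($Severity -eq 4) { $EntryType = 'Warning' }
else                     { $EntryType = 'Information' }
$EventId = 1000 + $Severity

# Strip a leading ISO-style or classic syslog timestamp so repeated alerts
# produce identical text and can be consolidated downstream.
$pattern = '^\s*(\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}\S*|[A-Za-z]{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+'
$Body = $Message -replace $pattern, ''

# Keep the entry well below the event log's per-message size limit.
if ($Body.Length -gt 30000) { $Body = $Body.Substring(0, 30000) }

Write-EventLog -LogName $LogName -Source $Source -EventId $EventId `
    -EntryType $EntryType -Message "Host: $Hostname`r`n$Body"
```

The message text is passed only as a bound parameter and never evaluated, which matters because syslog content comes from the network and is untrusted.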
How about writing to the NPM event log?
Peter