The most recent content from our members.
Greetings All. I know that Log Analyzer does not capture all Windows events by default - just a selected subset of events. I am sure that I have seen that list somewhere on the Internet. But... I can't find it now. Can someone provide the link or search information to find the list of Windows events that Log Analyzer captures…
I'm really new to SolarWinds (and SWQL for that matter), and what I am looking for is to create a report for all our Windows machines being monitored that will show how many times a specific Windows ID has been triggered in the environment, but that same thing for about 15 different event IDs. I've dug through the reports,…
I have been using Kiwi Syslog server and now use LA in HCO. I am using the Orion agent on Windows servers. I found the way to create email alerts for Windows events (like I made an email alert whenever a user is added to the Domain Admin group), and it works fine. But is there a way to include the contents of the Windows…
I’m pleased to announce the General Availability of Log Analyzer (LA) 2.0 on the Customer Portal. You may be wondering what Log Analyzer is. The artist formerly known as Log Manager for Orion has undergone a transformation. It has evolved past its former life as a 1.0 product and become Log Analyzer 2.0. Log Analyzer was…
When Log Analyzer 2.0 was released it introduced the ability to use the Orion agent to stream Windows Events to the LA platform. By default only certain events are sent into the system as per this knowledge base article. This method substantially reduces the messages coming into the system by filtering at the agent level.…
For setting up log management (both Syslogs and Windows Event Logs) at remote sites, what is the best way to go when using LEM? * Kiwi Syslog Server: have both Syslogs (from network devices, UPSs, etc.) and Windows Event Logs (converted to Syslogs with Log Forwarder for Windows) sent to a Kiwi Syslog server at each site,…
Hi All, I am a Windows System Administrator. I am using Serv-U FTP server in my environment, and recently I have come across a situation where some important data was deleted from a Serv-U directory by a Serv-U user, but I am unable to figure out which user has deleted it as multiple users have access to this same directory.…
A large number of events with unique event IDs trigger the 'Error in Windows Event Log' alert. I want to be able to filter on certain event IDs and mark those alerts as "high priority". Any suggestions?