There is a Windows event log monitor template you can use. I found it some time back in the APM monitor share archives. It's a VBScript monitor.
It counts the number of events matching the specs you give it... which can be ID number, a string of text, and number of minutes to look back.
Great - I will test this Template. Thank you.
Sending the Event Logs to the Orion syslog facility and setting up an alert to look for the key words using a regular expression is working out well for us. SolarWinds makes an Event Log forwarder and there are others out there as well.
Also, as a bonus, having all of your Event Logs in a central repository can be nice for searching.
I like byron's method and a bonus... it doesn't require APM :}
What's the event log forwarder to syslog called?
The one produced by SolarWinds is called Log Forwarder for Windows. If you log into your SolarWinds customer portal and select Additional Components on the left menu you should be able to find it.
There is also a different open source product called NTsyslog and you can find it at the link below.
I also put another constantly maintained one in the content exchange:
Eventlog to Syslog v4.1
Last revised January 20, 2010
This program is written in C and provides a method of sending Windows Eventlog events to a syslog server. It works with the new Windows Events service found in Vista and Server 2008 and can be compiled for both 32 and 64-bit environments. Both compiled binaries are here for download. Designed to keep up with very busy servers, it is fast, light, and efficient. The program is designed to run as a Windows service.
Changes in v4.0:
- Added ability to ignore specific events
- Added a status file for monitoring service operation
- Added event’s timestamp to outgoing messages
- Added compatibility with the Vista/Server 2008 Windows Events service
- Added ability to send to two Syslog servers simultaneously
- Fixed a possible memory exception with bad message definitions
- Fixed a bug where utility would not search all message files
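
An added example, not written by any poster in this thread and not taken from the tools named: it applies the matching described earlier in the thread (event ID, a text pattern, and a look-back window in minutes) to forwarded events on the syslog side. The line layout, host names and sample events are constructed for the example and are not the output format of any forwarder mentioned here.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines: "<timestamp> <host> <source>: <event id>: <message>".
# This layout is an assumption for the example, not a real forwarder's format.
SAMPLE_LINES = [
    "2010-01-20T10:01:12 DC01 Security: 4625: An account failed to log on. Account Name: svc_backup",
    "2010-01-20T10:03:40 DC01 Security: 4625: An account failed to log on. Account Name: administrator",
    "2010-01-20T10:04:05 WEB02 Service Control Manager: 7036: The Print Spooler service entered the stopped state.",
    "2010-01-20T09:15:00 DC01 Security: 4625: An account failed to log on. Account Name: administrator",
    "garbage line that does not parse",
    "2010-01-20T10:04:30 DC01 Security: 4624: An account was successfully logged on. Account Name: administrator",
]

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<source>[^:]+): (?P<event_id>\d+): (?P<message>.*)$"
)

def parse_line(line):
    """Return a dict for one forwarded event, or None if the line is malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%S")
    ev["event_id"] = int(ev["event_id"])
    return ev

def count_matching(lines, now, minutes, event_id=None, pattern=None):
    """Count events in the look-back window that match every spec supplied."""
    cutoff = now - timedelta(minutes=minutes)
    regex = re.compile(pattern, re.IGNORECASE) if pattern else None
    count = 0
    for line in lines:
        ev = parse_line(line)
        if ev is None or not (cutoff <= ev["ts"] <= now):
            continue  # skip malformed lines and events outside the window
        if event_id is not None and ev["event_id"] != event_id:
            continue
        if regex and not regex.search(ev["message"]):
            continue
        count += 1
    return count

if __name__ == "__main__":
    now = datetime(2010, 1, 20, 10, 5, 0)  # fixed "now" so the sample is repeatable
    print(count_matching(SAMPLE_LINES, now, 10, event_id=4625))
```

Filtering on the event ID as well as the keyword keeps a pattern such as `administrator` from also counting successful logons that mention the same account.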