I want something free that monitors event log events on a box and sends them somewhere in e-mails.
HealthMonitor is OK, but the filters aren't so fabulous (you can't make an filter for a specific combination of ID + Source).
EventSentry Light has very flexible filters but being free it deliberately doesn't monitor the Directory Service log etc.
Any others?
Possibly look at one of the Event Log -> Syslog daemons available, then have those logs filtered/emailed?
Also consider using Nagios. It can mail you when it decides something is broken or about to break.
Have you looked at Splunk? thats quite interesting.
fooby
Thanks, but none of those work with my constraints.. multiple sites, want to minimise change & don't want to add nix boxes to them.. there are strict ACLs for outbound traffic that I can't change e.g. can't get syslog traffic out.. would like to avoid SPFs. Would have made do with HealthMonitor but when testing memory usage climbed to 170MB in a couple of hours of not doing very much
Looks like it might have to be d-i-y dotNet code or maybe hack the c++ Snare agent. Neither are trivial.. catching events isn't too bad until you consider filtering, suppression of duplicate events, finding events that happened say during boot before your service got going etc.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote