Windows Thread, What Event Log Management Tool do you use? in Technical; I'm looking into a few solutions to centrally manage our Event Logs...
I've been looking at Spiceworks... It's OK but ...
7th April 2008, 10:24 AM #1
- Rep Power
What Event Log Management Tool do you use?
I'm looking into a few solutions to centrally manage our Event Logs...
I've been looking at Spiceworks... It's OK but produces very basic reports: but it is free.
Then there's ManageEngine EventLog Analyzer 5, it's a nice solution... bit pricey
Single Installation License Fee For 10 Host Pack: $995
Is there any other software which is worth a look?
IDG Tech News
7th April 2008, 10:26 AM #2
There's numerous tools for outputting Event Logs to a syslog server. There's then tools to analyse the syslog. I don't know any names off the top of my head but I'm sure Google can help.
7th April 2008, 10:42 AM #3
- Rep Power
I've tried Google and found other Event Log Managers, the two i mentioned above are the front runners from my web trawling... I was just wondering if Google had missed some...
Originally Posted by Ric_
7th April 2008, 10:53 AM #4
A quick Google for me turned up Syslog - Eventlog - Event Log Wiki which may help - it won't be an integrated solution but it shouldn't be difficult to implement.
If you use a syslog-based solution, you can point network devices there too (e.g. printers) so you will get all your messages in one place.
7th April 2008, 11:21 AM #5
If you syslog server is a Linux machine. I suggest you have a look at Logwatch. It's what I use here.
7th April 2008, 10:45 PM #6
Take a look at Microsoft's log parser - can scan just about any kind of log (inclding event logs!) and pull out just the bits you want (eg just errors) You can then stick that data whereever you want (eg a SQL database) and work with it there.
It's also free :-)
7th April 2008, 10:48 PM #7
I use event viewer
8th April 2008, 10:27 AM #8
I use Event Viewer too and using MMC you can view any machine event log remotely. You could also in theory create a MMC Snap-in of all event logs of your machines on the network. This would then centralise everything in one area.
8th April 2008, 01:04 PM #9
The downside of using event viewer is that you have to do something to find out what's going on - you don't get things sent to you when there's a problem.
this might be fine if you only have a few servers but once you get more than a few you really want something which at least summarises errors if not actively alerts you when things are going wrong.
8th April 2008, 01:07 PM #10
I believe Windows Server 2008 does allow you to be sent mail to alert you of particular problems. Alternatively applications like WSUS and Sophos have built in solutions to alert you of activity/problems.
8th April 2008, 08:30 PM #11
I always fancied trying GFi EventsManager just never managed to get round to it.
Available from Pugh not the cheapest solution though.
9th April 2008, 12:57 AM #12
Guess it depends what you mean by "manage".
I had a scenario where I only wanted an account to be e-mailed Win 2K & 2K3 server events that were uhh.. events I'm interested in and on reflection, being told once a day was quite enough (which conveniently allows you to have things like just one e-mail for 27,000 identical overnight error events). So a key point was decent-ish customisable filtering.
Next attribute was free <-> very cheap, because I had quite a lot of servers in mind. Looked far and wide, there was a reasonably good one (don't have name to hand) but it was a bit too far over very-cheap. So I just ended up writing it, and because it's me that's a CL-util you schedule and the config changes are done by text-editing a reg file of target logs, event filter rules etc.
Then it took a couple of *months* of events arriving and a fair amount of event research before I arrived at a filter set that did a pretty good job of filtering out the chaff-on-those-servers-according-to-me[tm] and it's still a work in progress. I'd have had to do the same with all the commercial products I found though - and I'm not sure I'd bother with this stuff for say less than 10 servers.
PS: One thing that fell out of this I wasn't expecting until I got hindsight, was the relative fragility of event logs. The app knew perfectly well where it was at last time, but I ended up making it scan an entire event log every time in order to detect corruption.
Last edited by PiqueABoo; 9th April 2008 at 01:14 AM.
13th April 2008, 03:57 PM #13
- Rep Power
we use this little baby...
PA Server Monitor Free Edition
We got a free upgrade to the lite version by posting a tiny hidden link on our school website for a month or so..
Scans the event logs of our 7 windows servers and emails the admin group whenever a error event crops up. We also use it for disk space checking as well..
It does a whole lot more than that. Great value tool for what it costs :-)
By Sylv3r in forum MIS Systems
Last Post: 14th July 2009, 02:24 PM
By EduTech in forum Gaming
Last Post: 8th February 2008, 10:33 PM
By SimpleSi in forum Windows
Last Post: 8th February 2008, 10:28 AM
By CM786 in forum Wireless Networks
Last Post: 4th April 2006, 12:33 PM
By ninjabeaver in forum Links
Last Post: 24th June 2005, 02:34 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)