Tip

Wanted: Low-cost method to monitor WinServer 2003 event logs

My goal this week was to find a low-cost (say it with me: free!) method to monitor my Windows 2003 server's event logs, based on specific filters (i.e., specific event IDs, specific sources, etc.) and email me an alert if that event or events were added to any of the system's event logs.

Imagine my surprise and disappointment when all I could find were:

  • Expensive enterprise products, like Microsoft's MOM;
  • Open-source products that required a backend server, such as SNARE (System iNtrusion Analysis and Reporting Environment);
  • Cheap third-party utilities that looked either cumbersome, cheesy or unstable (or in some cases, all three).

I was disappointed that I couldn't find a simple program to accomplish this little thing (with the exception of Keroon Software's Event Log Watchdog Manager, though it still cost more than I wanted to pay). I even thought about diving into scripting, but who has time to create, manage and deploy scripts for something like this? Not me, and probably not you either.

Finally I stumbled across an event log monitoring application, EventSentry, from Netikus.Net Ltd. EventSentry is an application suite for Windows NT, Win2k, WinXP and Windows Server 2003 that monitors your server's (or workstation's) event log, system health and network devices. The best part is that it runs as a service and does not need its management console running in order to monitor your system.

    Requires Free Membership to View

Call me geeky, but this is a major plus compared to the other "low-cost" event-logging solutions I researched.

Netikus.Net also offers a freeware version of EventSentry, called EventSentry Light. (It's the successor to EventwatchNT.) EventSentry Light has no time restrictions but it's a stripped-down version offering only a few of EventSentry's features. Notably, none of EventSentry's database-related features (including the Web reports) are supported. I installed it and am delighted to report that it functions wonderfully.

EventSentry Light does not currently require a license, but has many features disabled. The stripped-down version performs filtering based on event log, severity, ID, source, category and text (maximum one include and one exclude filter) and offers  other features as well.

You have to register to download the freeware, but you can put in anonymous info (except email address). Afterwards, you'll have a sweet little program that can alert you when your server generates an event and get notified when it does. Although I intend on looking into the full product suite Netikus offers, I should note here that Windows Vista apparently has this event notification built in now.

Shocker, whenever I need something, I have to wait for the next release. . . .

About the author: Tim Fenner(MCSE, MCSA: Messaging, Network+ and A+) is a senior systems administrator who oversees a Microsoft Windows, Exchange and Office environment, as well as an independent consultant who specializes in the design, implementation and management of Windows networks.

More information on this topic:


This was first published in January 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.