Windows Event Log
Windows Event Log records Windows Event Log messages. Windows Event Log messages include application, security, setup, system, and forwarded events.
Each log message record contains the following data columns:
- . Date and time for the event message.
- . Source of the event message notification.
- . Type of WinEvent message received.
- . Log message string.
: In order for entries to be added to this report, the Windows Event Log listener must be enabled and a Windows Event passive monitor must be added to a device. For more information on the Windows Event Log listener, see Enabling the Windows Event Log Listener.
Fetch and filter log data
. Choose one or more host devices.
Use the Select Device dialog for one of the following:
| Control | Purpose |
|---|---|
| Device | Browse and choose a single device. |
| Device Group | Choose an existing group of one or more devices. You can also create custom or dynamic groups. |
: You can organize devices into custom or dynamic groups. For more information, see Grouping Devices.
Choose specific windows for log data, or choose for the latest.
Choose time constraints for data view
| Control | Purpose |
|---|---|
| Date Range | Choose or define an overall date range. |
| Business hours | Focus on specific days of the week and periods within each day. Reveal trends that are sensitive to business hours, time zones, and other periodic attributes in the observed data. |
. Select rows based on specific column values, remove columns, and remove noise and chaff from the table.
Filter table rows and hide and select columns
Click a column heading and use the following from the drop-down list:
| Control | Purpose |
|---|---|
| Sort. | Sort column in ascending or descending order. |
| Columns. | Pick the columns you want to view. Click a check box to display the column. Clear the check box to hide it. |
| Group by this field. | Group table into collapsible rows wherever the current column contains identical data ("field") values. |
| Filters. | Provide a keyword and use wildcards to view only rows that contain the keyword for the selected column or view. |

Most column and log view filters provide the following wildcard matching:
- Match either zero characters or any one character ('?').
  Example: 198.51.100.2? (Matches tokens with IP address ending with 2, or 20-29.)
- Match either zero, any one, or many characters ('*').
  Example: Stop* (Matches log strings containing Stop, Stopped, Stopping, and so on.)
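The wildcard rules above differ from shell globbing, where '?' requires exactly one character. The following is an added example, not the product's own code, that models the documented semantics so you can predict what a filter will and will not return. The function names, the token-based matching, case sensitivity, and the sample rows are assumptions made for illustration.

```python
import re

def wildcard_to_regex(pattern):
    """'?' -> zero or one character, '*' -> zero or more (as documented above).
    Everything else is escaped so '.' in an IP address stays a literal dot."""
    out = []
    for ch in pattern:
        if ch == "?":
            out.append(r"\S?")
        elif ch == "*":
            out.append(r"\S*")
        else:
            out.append(re.escape(ch))
    return re.compile("".join(out))

def matches(pattern, text):
    """True if any whitespace-delimited token of text matches the whole pattern.
    Token anchoring is an assumption taken from the IP address example."""
    rx = wildcard_to_regex(pattern)
    return any(rx.fullmatch(tok.strip(".,;:()[]\"'")) for tok in text.split())

def filter_rows(rows, column, pattern):
    """Keep only rows whose chosen column matches the wildcard pattern."""
    return [r for r in rows if matches(pattern, r[column])]

# Constructed sample rows (not real product output).
ROWS = [
    {"source": "dc01", "type": "Security", "message": "Logon failure from 198.51.100.2"},
    {"source": "dc01", "type": "Security", "message": "Logon failure from 198.51.100.27."},
    {"source": "dc01", "type": "Security", "message": "Logon failure from 198.51.100.200"},
    {"source": "web02", "type": "System", "message": "Service Spooler Stopped"},
    {"source": "web02", "type": "System", "message": "Stopping service W3SVC"},
    {"source": "web02", "type": "System", "message": "Service W3SVC started"},
]

if __name__ == "__main__":
    for pat in ("198.51.100.2?", "Stop*"):
        print(pat, "->", [r["message"] for r in filter_rows(ROWS, "message", pat)])
```

Under these assumptions, 198.51.100.2? excludes 198.51.100.200, so a filter meant to cover a wider address range needs '*' rather than '?'.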
Email, export, and save as PDF
Windows Event Log event data can be exported, reused, and distributed. Select export () to access the following options: