- Find Answers
- :
- Splunk Platform
- :
- Splunk AppDynamics
- :
- How to monitor windows logs or event logs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to monitor windows logs or event logs
Hi Team,
Can anyone help me like we need to monitor our windows logs or service event logs which is running in our local event viewer server to appdynamics and find out the error and warning logs information
Please let me know how we should achieve this functionality in app dynamics. Can anyone help me with exact configuration steps for this
Appreciate for help
Thanks
Eshwar
Edited for clarity. 9/19/22, C. Landivar
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I want to use the windows event log monitor to monitor windows updates by looking at the setup log. The extension works when configured to look at system, security or application logs however when configured for setup logs it throws an error.
The only thing i can find which may be the cause is this stackoverflow question which indicates that it won't work (https://stackoverflow.com/questions/12663703/geteventlogs-returns-no-setup-event-log) with the setup log however the extension page explicitly says it does support setup logs (https://www.appdynamics.com/community/exchange/windows-event-log-monitor/).
Stack trace from extension log:
2019/10/15 23:43:30.728 Error ExtensionLoader :Failed to start extension WindowsEventLogMonitor System.InvalidOperationException: The event log 'Setup' on computer '.' does not exist.
at System.Diagnostics.EventLogInternal.OpenForRead(String currentMachineName)
at System.Diagnostics.EventLogInternal.get_EntryCount()
at System.Diagnostics.EventLogInternal.StartListening(String currentMachineName, String currentLogName)
at System.Diagnostics.EventLogInternal.StartRaisingEvents(String currentMachineName, String currentLogName)
at System.Diagnostics.EventLogInternal.set_EnableRaisingEvents(Boolean value)
at AppDynamics.Infrastructure.Extensions.WindowsEventLogMonitor.Execute()
at AppDynamics.Infrastructure.Framework.Extension.ExtensionContainer.Start()
at AppDynamics.Infrastructure.Framework.Extension.ExtensionLoader.StartExtensions() at System.Diagnostics.EventLogInternal.OpenForRead(String currentMachineName)
at System.Diagnostics.EventLogInternal.get_EntryCount()
at System.Diagnostics.EventLogInternal.StartListening(String currentMachineName, String currentLogName)
at System.Diagnostics.EventLogInternal.StartRaisingEvents(String currentMachineName, String currentLogName)
at System.Diagnostics.EventLogInternal.set_EnableRaisingEvents(Boolean value)
at AppDynamics.Infrastructure.Extensions.WindowsEventLogMonitor.Execute()
at AppDynamics.Infrastructure.Framework.Extension.ExtensionContainer.Start()
at AppDynamics.Infrastructure.Framework.Extension.ExtensionLoader.StartExtensions()
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Mark,
Thanks for your investigation. This is a known issue and we have an enhancement request to support all non-classic event sources including Setup.
As you pointed, the document needs to be corrected for now and I hope we can expedite the feature update as well. I will update here once we publish new changes.
Anurag
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi eshwar, did you get any help on this ? i am facing the same problem how to filter and send errors via appdyn. maybe you have some helpful hints for me.
rgds, helmut.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Eshawar,
Please use the following extension
https://www.appdynamics.com/community/exchange/windows-event-log-monitor/
Thanks,
Raunak
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
May I also know if we can setup alerting on the events received from the event viewer. If yes, please let us know the steps.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You have to create a custom health rule based on the specific eventid, and then create a Policy to trigger an alert. Just make sure to use Type as the name of extension. You can try using custom event type = "WindowsEventLogMonitor", this needs to be the name of the extension, as provided in the extension.xml file.
Also the event properties exposed are
eventid
eventsource
machinename
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello, any property to filer based on the message contained in the log?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
iamryan
Hello all,
The extension was recently updated and now can be used to monitor the events entries. You can find the extension here: https://www.appdynamics.com/community/exchange/windows-event-log-monitor/
New This Month - Splunk Observability updates and improvements for faster ...
What's New in Splunk Cloud Platform 9.3.2411?
Buttercup Games: Further Dashboarding Techniques (Part 6)
