Wednesday, May 14, 2008

OpsMgr: Monitoring the Event Log - Part 1

Event log monitoring is arguably the bread and butter of SCOM. There is plenty of flexibility in other directions, but among the customers I've dealt with, most of the custom monitors that are needed deal with the event log. In this post I'll be discussing Event Log properties.

If you've built any event log monitors and have needed to specify any properties other than the default of 'ID' and 'Source', you likely have seen that only a handful of the event properties are available to choose from:




These present a good starting point, but what if you want to look for a particular Event Type, or perhaps text in the Event Description?

The answer is to use the 'Use parameter name not specified' option. This option allows you to specify any parameter including those not listed above, provided that you know the parameter name. Here are the parameter names that can be specified:

So for example, if we wanted to create a rule to look for an event in the application event log from the source "App01", with an ID of "123", that has the text "Error 1 encountered" in the body of the description, our expression would look like this:


That should clarify things a bit. I'll be posting the next part in this series shortly; it will address customization of alert descriptions.
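To check that a rule built on these three criteria actually fires, you can write a matching event and a non-matching one to the log and query them back. The following is an added example, not part of the original post and not SCOM configuration; it assumes an elevated Windows PowerShell 5.1 session on a test machine and reuses the source, ID and description text from the example above.

```powershell
# Added example: generate test events and apply the same three criteria locally.
# Assumes Windows PowerShell 5.1 run as administrator on a test machine.
$logName = 'Application'
$source  = 'App01'                 # source from the post's example
$eventId = 123                     # event ID from the post's example
$needle  = 'Error 1 encountered'   # description text from the post's example

# Register the event source once (this is the step that needs admin rights).
if (-not [System.Diagnostics.EventLog]::SourceExists($source)) {
    New-EventLog -LogName $logName -Source $source
}

# Constructed test events: the first should match the rule, the second should not.
Write-EventLog -LogName $logName -Source $source -EventId $eventId -EntryType Error `
    -Message "Constructed test event: $needle while processing batch 7"
Write-EventLog -LogName $logName -Source $source -EventId $eventId -EntryType Error `
    -Message 'Constructed test event: unrelated failure'

# Same criteria as the rule: log, source, ID, then a substring match on the description.
$hits = Get-WinEvent -FilterHashtable @{
            LogName      = $logName
            ProviderName = $source
            Id           = $eventId
        } -MaxEvents 50 -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -like "*$needle*" }

# Only the first test event should be listed here; the same event is the one
# the SCOM rule is expected to pick up on a monitored agent.
$hits | Select-Object TimeCreated, Id, ProviderName, LevelDisplayName, Message |
    Format-List
```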

5 comments:

Santhegreat said...

Hi,
the information that you share about EventLog Monitoring is very helpful for me.
I have one question -->
I want to create an Event Log monitor which generates an alert each time an error is logged in the "Application" event log with Event ID "999".
Thanks.

Anonymous said...

Thanks a lot!

cornasdf said...

Thank you very much. I don't understand why all of the options were not included in the common list.

Mathias said...

Nice info, have a question though :-)
I have created a collection rule for an event but SCOM only seems to collect new events. How do I set it up to collect all events, even the old ones? I want to collect the events to a view to list all servers that ever had the event ID in the system log.

Marcus said...

A successful event is one which is planned well and includes all the essential elements in it. From the sound to lighting and other captivating features, all are responsible to make an event happening as well as liked by the audiences.