Introduction (Step 1 of 6)
Getting Started
The initial setup of EventSentry contains several packages that outline common scenarios many of our customers face. When an error is detected on a hard disk most administrators like to know about it. However, there may be some events that are a bit more specific to your network that you would like to receive. If you are monitoring for certain events that have a unique source or event id this process may not be that difficult. On the other hand, if you have ever monitored for an event that shares similar information with another event (i.e. source, category, or id) or it is an event found in the Security log, you will realize the importance of being able to filter by the text in the message.
Using EventSentry 2.8x+
With the release of EventSentry v2.80 the Filter Rules Test Utility was introduced which makes testing your rules a lot easier. Instead of waiting for the event to occur we can now generate it and see a list of all filters that will match that event. This tutorial uses EventSentry v2.80 but illustrates core concepts of EventSentry that been in the product from the beginning.
