Introduction (Step 1 of 5)

Getting Started

EventSentry v2.80 introduced the long-awaited and much-anticipated Log File Monitoring feature. When using the powerful options in EventSentry to monitor your Windows servers and workstations, you are no longer limited to the information in the event logs. Log File Monitoring lets you monitor every log file on your machines, with alerts and detailed reporting in the web reports.

Non-Delimited vs. Delimited Log Files

In EventSentry there are two types of log files you can monitor. Identifying the difference is only necessary when you plan on consolidating information to a database. If you do not want any log files consolidated, you can use the Non-Delimited file type to set up alerts.

Non-Delimited log files are log files that do not follow a consistent pattern and, above all, do not contain delimiters of any kind. In delimited log files each value is separated by a delimiter: IIS uses a space, DHCP uses a comma, and many other log files use a semicolon. Delimited log files also typically keep each record on one line, whereas Non-Delimited log files such as NTBackup are split into several lines.
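
The difference in practice, as an added example (not EventSentry code; the sample log lines are constructed and the function names are illustrative): a space-delimited IIS log splits into named columns that can be stored and queried, while a Non-Delimited NTBackup-style log can only be searched for strings.

```python
# Added example: constructed sample data, not EventSentry's own code.
IIS_SAMPLE = """\
#Software: Microsoft Internet Information Services 7.5
#Version: 1.0
#Date: 2012-01-26 08:15:02
#Fields: date time cs-method cs-uri-stem sc-status c-ip
2012-01-26 08:15:02 GET /default.htm 200 192.0.2.10
2012-01-26 08:15:09 GET /admin/login.aspx 401 192.0.2.77
2012-01-26 08:15:11 POST /upload.aspx 500 192.0.2.77
""".splitlines()

NTBACKUP_SAMPLE = """\
Backup Status
Operation: Backup
Backup of "C: "
Warning: Unable to open "C:\\pagefile.sys" - skipped.
Backup completed on 1/26/2012 at 2:14 AM.
""".splitlines()

def parse_delimited(lines, delimiter=" "):
    """Turn W3C-style delimited lines into one dict per record."""
    fields, records = None, []
    for line in lines:
        if line.startswith("#Fields:"):
            # The header names the columns for every record that follows.
            fields = line[len("#Fields:"):].split()
        elif line.startswith("#") or not line.strip():
            continue  # other directives and blank lines carry no record
        elif fields:
            values = line.split(delimiter)
            if len(values) == len(fields):  # skip malformed or truncated rows
                records.append(dict(zip(fields, values)))
    return records

def match_strings(lines, needles):
    """Non-delimited handling: no columns, only case-insensitive string matches."""
    return [l for l in lines if any(n.lower() in l.lower() for n in needles)]

def failed_requests(records):
    """Column-level query that is only possible once the log is split into fields."""
    return [(r["c-ip"], r["cs-uri-stem"], r["sc-status"])
            for r in records if r["sc-status"].startswith(("4", "5"))]
```
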

Scope

This tutorial covers the out-of-box setup for EventSentry based on pre-defined file types. A more advanced tutorial that walks through Log File Definition Mapping will be available shortly. This tutorial walks through configuring the IIS file types that are included with the installation, setting up email alerts based on strings found in the log file, and using the web reports to locate detailed information.



  • Updated on: 2012-01-26
  • Skill Level: Beginner