Example 1: SMTP and ODBC Action

<< Click to Display Table of Contents >>

Navigation:  Additional Tips and Resources > Examples & Templates > Filter & Target Examples >

Example 1: SMTP and ODBC Action

The goal of this example is to log all event log entries to an ODBC action and, in addition, be notified of important events through a SMTP action. We will also exclude unnecessary events from being sent through the SMTP action.

 

1. Add an ODBC Action

All filters that are going to use this action will log event log entries to the ODBC DSN SQLServer to the table EventSentry.

 

clip0206

 

2. Add an SMTP Action

All filters that are going to use this action will send event log entries through the mailserver mail.netikus.net sent from eventsentry@netikus.net to eventsentry@netikus.net.

 

clip0207

 

The action list should then look like this:

 

clip0208

 

3. Add an Include Filter for the ODBC Action

This filter will log all event log messages from the Application, Security and System event log to the target ODBC Action.

 

clip0209

 

4. Add an Include Filter for the SMTP Action

This filter will log Warning, Error and Audit Failure event log messages from the Application, Security and System event log to the target SMTP Action.

 

clip0210

 

5. Add an Exclude Filter for the SMTP Action

This exclude filter will exclude all event log entries from the RemoteAccess source - but only for the SMTP Action. The ODBC Action will still receive those events.

 

clip0211

 

After installing the three filters above the Installed Filters list should look like this:

clip0212