Requires: SQL Server 2016 13.x SP1 or newer all editions Starting with SQL Server 2016 13.x SP1 or newer auditing can be enabled on all editions not just enterprise of SQL Server. EventSentry can log and alert on sensitive events like user creation database deletion permission changes and more. Auditing can be enabled at th...

KB-ID 413
Category: Monitoring

There are a few prerequisites to setup in order to get notified when an Exchange mailbox is created or removed. The instructions below are for Exchange Server 2010 but are very similar for Exchange Server 2007. 1. On the Exchange server diagnostic logging needs to be setup. Diagnostic logging is configured by navigating to Microsoft Exchan...

KB-ID 214
Category: Monitoring
Applies to: All Versions

Windows NT 4.0 is supported until version 2.90 and starting with EventSentry v2.91 Windows NT 4.0 is no longer a supported platform. If you need to monitor a computer running Windows NT 4.0 then you will need to install the latest v2.90 agent on that computer. You can obtain older releases of EventSentry from the customer area. Please read...

KB-ID 276
Category: Monitoring

Yes the EventSentry web reports support multitenancy through access control and profiles. Access Control By enabling access control through the Accounts page in the Settings menu access to specific pages or hosts can be restricted based on user name or group membership. For example user John can be authorized to only view perfor...

KB-ID 266
Category: Monitoring
Applies to: All Versions

EventSentry requires that SNMP is enabled on the VMWare ESXi hosts in order to pull the virtual machine inventory. IMPORTANT: You must enable SNMP on the actual ESXi hosts it does not help inventory the devices if SNMP is only enabled on the VCSA server that is used to manage the ESXi hosts. Method A: If you are connected directly to the ES...

KB-ID 269
Category: Monitoring
Applies to: 3.1 and newer

You can utilize a short PowerShell script to get a list of all certificates that expire within a certain number of days. This script can then be executed on a regular basis usually daily and trigger an email alert if one or more expired certificates are found. The script is shown below: powershell sl cert: MaxDays = 30 GetChild...

KB-ID 339
Category: Monitoring
Applies to: 3.1 and higher

video 2 Create a System Health package labeled Performance Processes Click this package and then in the toolbar the click 39Add39 downdown on the right and then Performance / SNMP Click on Performance / SNMP then click the to add the performance counter: Give it a name such as Process Elapsed Time Add this c...

KB-ID 394
Category: Monitoring
Applies to: 4.0.1 and higher

video 3 Under 39Tools Embedded Scripts39 click 39New39 and then label this 39expiringcerts.ps139 and in the 39Script Content39 box add: powershell sl cert: MaxDays = 30 GetChildItem Recurse where .notafter le getdate.AddDaysMaxDays AND .notafter gt getdate.adddaysMaxDays select NotAftersubjec...

KB-ID 395
Category: Monitoring

The easiest way to get notified in realtime whenever a Windowsbased system boots is by forwarding Event Log event 6009. This event is logged to the System event log whenever a Windows OS starts up. 1. Open the management console and either find an existing event log package to add this new filter rule to or create a new even...

KB-ID 401
Category: Monitoring

Note: This article AND script have been updated on 3/25/2020 to use a more accurate data source please update your script. Countries must now be specified by their English name and NOT by the country code. This article outlines how to monitor current COVID19 stats by displaying on an EventSentry dashboard and/or receiving email alerts u...

KB-ID 416
Category: Monitoring
Applies to: 4.1 or later

With the EventSentry Log File Monitoring feature you can be alerted via email if specific text gets written to a file. In this HowTo we will use the default Log File Windows Update as an example but this can be used for any other log file monitoring package existing or new. Expand Log Files Expand Windows Update C...

KB-ID 420
Category: Monitoring

Telegram Messenger integration can be accomplished with the HTTP action. Configuring Telegram Messenger Creating a BOT Telegram implements a bot system to send messages through an API to a specific channel or group. To create a bot either search your contact list for BotFather or follow this linkhttps://telegram.me...

KB-ID 428
Category: Monitoring
Applies to: 3.1 and later

Windows Firewall policy changes like new program exceptions enabling/disabling/deleting policies can be monitored and detected with EventSentry along to detection when firewall is disabled. Enabling Policies Changes Audit In order to monitor Microsoft Windows Firewall policy changes the subcategory MPSSVC rulelevel Policy Chang...

KB-ID 429
Category: Monitoring

Note: This article requires EventSentry v4.2.3.x or higher Since VMWare ESXi hosts report CPU and memory utilization differently than other Linux or Unixbased hosts the generic Performance System package cannot be used to obtain performance metrics from VMWare ESXi hosts. Instead the VMWare system health package needs to be downl...

KB-ID 441
Category: Monitoring
Applies to: 4.2.3

EventSentry can be configured to restart services based on their resource usage. For example when a service uses more than the specified amount of memory handles or CPU a service restart can be triggered. Steps: 1. Creating a Performance Monitoring Package 2. Configuring the Performance Monitoring Package 3. Creating and Configuring ...

KB-ID 448
Category: Monitoring
Applies to: 4.1 and later

When utilizing the application scheduler on some NonEnglish versions of Windows commands that output nonascii characters e.g. Umlaut in German may cause the following issues: NonAscii characters in event id 10200 are not displayed correctly in the event viewer NonAscii characters in event id 10200 may not be stored in the builtin...

KB-ID 452
Category: Monitoring

This guide explains how to deploy the HWgSTE Ethernet temperature / humidity sensor in your server room or office. Note: Please see the links below if you have not yet purchased the HWgSTE. Steps: 1. Unboxing and connecting the sensors 2. Connecting to the HWgSTE and configuring it 3. Adding the sensor to EventSentry Un...

KB-ID 453
Category: Monitoring
Applies to: 3.1 and later

Sysmonhttps://docs.microsoft.com/enus/sysinternals/downloads/sysmon is a free driverbased utility that supplements Windows39s builtin audit capabilities. Combining Sysmon with EventSentry39s monitoring capabilities enables users to detect a number of potential threats on their monitored servers and workstations. The required Sysmon configur...

KB-ID 458
Category: Monitoring
Applies to: 4.x and later

The CPU and memory utilization of each container as well as the number of docker containers currently running can be monitored using EventSentry39s performance monitoring feature and PowerShell scripts. The following 3 scripts are available under Scripts Managed in the management console: dockercontainerscount.ps1 Monitors th...

KB-ID 472
Category: Monitoring
Applies to: 5.0.1.84

While overall performance and CPU statistics from nonWindows hosts can easily be obtained via SNMP getting the CPU usage of each process requires a few additional configuration steps. Since EventSentry39s performance monitoring feature supports importing data returned from an external process examplehttp://demo.eventsentry.com/dashboard/...

KB-ID 473
Category: Monitoring
Applies to: 5.0.1.90 and later

Monitoring and alerting on the runtime duration of processes This guide demonstrates how to set up EventSentry to trigger an alert when a process runs longer than a specified duration. We will use PowerShell as the example for this configuration. Open EventSentry Management Console From the left menu tree expand Packages and click...

KB-ID 502
Category: Monitoring
Applies to: 3.5 and latter