Knowledge Base


Starting with EventSentry version 2.70 you can view the native event log files usually with a .evt extension with the builtin event log viewer of EventSentry. Simply rightclick the Event Log Viewer container and select Open Log File. If you are running EventSentry v2.60 or earlier then you will need to open the event log files with th...

KB-ID 12
Category: Usage
Applies to:

No restarting the EventSentry service on any machine will have no effect on other machines since the agent only works with the local event logs. The EventSentry agent does write a few events to the local machine39s Application event log upon a service restart however.

KB-ID 15
Category: Usage
Applies to:

You will need to take additional configuration steps when configuring EventSentry to access resources located on different computer. By default the EventSentry agent =service runs under the LocalSystem account. This is a builtin system account that has administrative permissions on the local host but usually has no permissions on remote ...

KB-ID 18
Category: Usage
Applies to:

This is usually a permissions issue. When backing up the logs the EventSentry agent is running under the LocalSystem account by default and you might have to take additional steps in order for the backup to work. If you are only backing up the event logs then please click the help link below DOCID 18 for more information. If you are ba...

KB-ID 21
Category: Usage
Applies to:

EventSentry uses the standard Windows ports used for RPC/SMB File sharing to perform most remote update actions. To enable this feature to work with a firewall you should only have to open up the following port: Port 445 TCP If you are using the Windows Firewall then you will need to allow File and Print Sharing. Alternatively you ca...

KB-ID 25
Category: Usage
Applies to:

EventSentry Version 2.60 and earlier: This occurs only if you are using the summary notification feature and restarted the EventSentry service or the entire computer during the collection period. EventSentry Version 2.70: Starting with EventSentry 2.70 the FILTER variable is no longer supported for summary notifications due to an interna...

KB-ID 32
Category: Usage
Applies to:

Added with version 2.21 was the ability to specify different credentials when using Remote Update. Please see the additional links for more information on this feature. If you cannot use the builtin authentication feature of EventSentry for some reason and are running Windows 2000 or higher then you can rightclick the GUI executable events...

KB-ID 34
Category: Usage
Applies to:

EventSentry is an event log monitoring application and does by design not rescan the event logs. It monitors the event logs and processes current and new events in real time. It does not process past events. The only exception is when you have the Bootscan feature activated. When this feature is active EventSentry will rescan the event ...

KB-ID 44
Category: Usage
Applies to:

EventSentry uses Windows RPC calls to update remote agents and remote update forwards all error messages reported by Windows when a remote update fails. EventSentry uses the following features: Remote Service Control connecting to the remote SCM service control manager File access EventSentry installs all required agent files to ...

KB-ID 51
Category: Usage
Applies to: All Versions

Every application that is logging to the event log ussage has what is called a message file associated with it. Message files are used to translate event ids and their associated insertion strings to actual descriptive event messages. Message files are usually DLL or EXE files that are shipped with the application. For example the message fi...

KB-ID 65
Category: Usage
Applies to: