You can launch the following VBScript through the application scheduler e.g. every 1 minute to be notified when the number of files in a given folder exceeds a configurable limit. Note: The file needs to be saved with the .vbs extension and called it through cscript.exe. You set the directory in the variable: DIRECTORY and the number of...
You can launch the following VBScript through the application scheduler e.g. every 1 minute to be notified when the size of a file exceeds a configurable limit. Note: The file needs to be saved with the .vbs extension and called it through cscript.exe. You can configure the file with the FILENAME variable and the maximum size of the fi...
You can launch the following VBScript through the application scheduler e.g. every 1 minute to be notified when a file has not been updated in X seconds. Note: The file needs to be saved with the .vbs extension and called it through cscript.exe. You can set the filename with the FILETOCHECK variable and the longest acceptable time the...
You can launch the following VBScript through the application scheduler e.g. every 1 minute to be notified when a web site or other component e.g. SMTP in IIS is stopped. Note: The file needs to be saved with the .vbs extension and called it through cscript.exe. vbscript 39 Lists the state of all IIS web sites configured on th...
Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Services Locate the appropriate package Services by default expand it and click on Services On the top right click the plus icon to bring up the Add Service dialog Specify the service key name ...
Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Disk Space Locate the appropriate package Disk Space Error or Disk Space Warning depending on the severity of the alert expand it and click on Disk Space Adjust the alert thresholds under Limits Save ...
Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Disk Space Locate the appropriate package e.g. Database Purge for alerts regarding the PostgreSQL database size expand it and click on Disk Space Click the Directory Monitoring tab Locate the correct ...
File monitoring aka as File Integrity Monitoring FIM monitors directories to detect changes to files as well as files being added and removed from directories. By default EventSentry monitors all files with the .exe and .sys extension in the SYSTEMROOT\system32 as well as SYSTEMROOT\syswow64 directories on x64 systems to ensure that...
Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Network Time Sync Locate the appropriate package expand it and click on Network Time Sync NTP Adjust the interval tolerance event severity and/or NTP server list Save the configuration To add NTP m...
EventSentry monitors all scheduled tasks on a system by default and will generate an alert when a scheduled task is added removed or changed. Open the management console Navigate to Packages System Health In the ribbon click on the arrow below Filter and select Scheduled Tasks Locate the appropriate package expand it and cli...
If you are getting diskspace alerts about a specific drive that is expected to have little or no disk space available such as the destination for a backup then you can create a customized rule to disable alerts on that particular drive. Open the management console Expand Packages and click System Health Click Add on the ribbon to add a...
video 3 Under 39Tools Embedded Scripts39 click 39New39 and then label this 39expiringcerts.ps139 and in the 39Script Content39 box add: powershell sl cert: MaxDays = 30 GetChildItem Recurse where .notafter le getdate.AddDaysMaxDays AND .notafter gt getdate.adddaysMaxDays select NotAftersubjec...
Forwarding Syslog messages as email alerts is a threestep process assuming that Syslog messages are already successfully received in EventSentry: Enable Syslog to Event Log which creates events in the application event log from the Syslog messages Configure one or more Syslog text filters Create filter rule to forward those events ...
The easiest way to get notified in realtime whenever a Windowsbased system boots is by forwarding Event Log event 6009. This event is logged to the System event log whenever a Windows OS starts up. 1. Open the management console and either find an existing event log package to add this new filter rule to or create a new even...
The easiest way to get notified in realtime whenever a user is created in Active Directory is by forwarding MicrosoftWindowsSecurityAuditing event 4720https://system32.eventsentry.com/security/event/4720. This event is logged to the Security event log whenever an Active Directory user is created. More informa...
The easiest way to get notified in realtime whenever specific service/driver starts or stops is by forwarding EventSentry event 10100 or 10150. This particular event is logged by EventSentry when a service or drivers status changes. Service monitor is a feature that is enabled by default in EventSentry under System Health Services...
The easiest way to get notified in realtime whenever a user attempts to log on more than X times with a wrong password is by forwarding MicrosoftWindowsSecurityAuditing event 4625https://system32.eventsentry.com/security/event/4625. This event is logged to the Security event log whenever a user fails to logon. More...
In a production environment it can be important to know if and when a VM is reverted to a snapshot. If the VMWare ESXi host is configured to send Syslog messages to a log hosthttps://docs.vmware.com/en/VMwarevSphere/6.7/com.vmware.esxi.upgrade.doc/GUID9F67DB52F469451FB6C8DAE8D95976E7.html like EventSentry then it will send a message s...
Event log alerts can often by cryptic and difficult to understand especially when alerts need to be interpreted by nontechnical staff. EventSentry makes it easy to simplify complex alerts by letting you completely rewrite the content. For example the following potentially complex event log message event 4688https://system32.eventsentr...
Starting with Windows 10 and Windows Server 2016 you can generate audit events whenever files are written to a removable drive by enabling auditing for the Removable Storage audit subcategory of the Object Access audit category. This will result in 4663https://system32.eventsentry.com/security/event/4663 events being generated whenev...
In larger network environments different groups of computers/servers are managed by separate groups. For example you have Exchange servers managed by your Exchange team and Database servers managed by your Database team. If an Exchange server goes down then the database team does not need to be notified. We can use the default heartbeat aler...
The Software/Hardware Inventory system health package can monitor battery levels both on laptops and directly attached UPS devices. Alerts generated by this feature can be used that to generate an email when the percentage is low. By default there is a System Health Inventory Software/Hardware Monitoring package if you don...
With the EventSentry Log File Monitoring feature you can be alerted via email if specific text gets written to a file. In this HowTo we will use the default Log File Windows Update as an example but this can be used for any other log file monitoring package existing or new. Expand Log Files Expand Windows Update C...
Synology diskstations offer a SNMP counter that can be monitored with EventSentry to alert if a system update is available. This information can be obtained by monitoring the upgradeAvailable SNMP OID 1.3.6.1.4.1.6574.1.5.4.0 This counter returns one of the following values: 1: Available 2: Unavailable 3: Connecting 4: Dis...
In a production environment it can be important to know if and when a snapshots of a VM are added to deleted. If the VMWare ESXi host is configured to send Syslog messages to a log host like EventSentry then it will send a message that will include the text shown below when a snapshot is added or removed: Snapshot Added State Transit...
