video 1 Create event log package labeled Long Running Process. Create an include filter in that package labeled Process Creation: Action: Default Email; Log: Security; Event Severity: Audit Success; Event Source: Microsoft-Windows-Security-Auditing; Category: Process Creation; ID: 4688. To monitor a specific proc...
video 2 Create a System Health package labeled Performance Processes. Click this package and then in the toolbar click the 'Add' dropdown on the right and then Performance / SNMP. Click on Performance / SNMP then click the to add the performance counter: Give it a name such as Process Elapsed Time. Add this c...
For any Process action or Application Scheduler object in EventSentry, you can use a non-embedded script by providing the full path to the script file, i.e. C:\Batch\powershellscript.ps1. In many cases, however, it is easier to utilize the embedded scripts functionality. This allows you to embed scripts of any kind, command-line scripts...
Windows generates an event ID 4688 (https://system32.eventsentry.com/security/event/4688) in the Windows Security Event Log when a process gets launched. In EventSentry, an include filter to monitor for those events needs to be created and associated with an email action so that an email alert is sent once this specific process gets started....