As we have seen in the previous post, creating a customized Data Collector Set is pretty straightforward. Go here to read the post! In addition, we have seen that the data sources defined were derived from a set template. In this post we are going to see how you can add your own data sources to a previously created... Read More
Most Systems Administrators have used Performance Monitor to view real-time performance data on Windows servers and identify bottlenecks. Some may have also recorded sessions and later analyzed log files for performance issues. In fact, this is what I will be talking about in the next couple of posts, mainly about Data Collector Sets. Data Collector Sets gather system information,... Read More
As we have seen in Setting up an Event Collecting Computer, you can use either the HTTP or the HTTPS protocol to transfer data from the forwarding to the collecting computer. Although standard HTTP transport uses encryption for forwarded events, you can configure event forwarding to use the encrypted HTTPS protocol. However, using HTTPS requires the following additional tasks to be performed... Read More
Events are collected or sent (when subscription configuration is set to normal) every 15 minutes, which is quite adequate for normal operations; however, there might be critical periods for some resources during which we need to reduce this delay and get critical events faster. As already noted in Setting up an Event Collecting Computer, with the help of the wecutil command-line... Read More
Having set up all remote hosts that you will be retrieving Events from, it is time to configure the Collecting workstation. The collecting computer would normally be an admin computer running Windows Vista, Windows 7 or Windows Server 2008. Assuming our collecting computer is named env1client01, from an elevated command prompt type: wecutil qc This command will set Windows... Read More
Windows Event forwarding requires the setup of forwarding computers and a collecting computer as we have seen in Managing Windows Events. In this post we start by setting up a typical forwarding computer and proceed to the collecting computer setup in another post. Let's assume that we are collecting events from a Windows 2008 server named Win2k8Web, hence our first... Read More
The wealth of info stored in Windows event logs is astonishing. But most often we miss what we are looking for as the amount of information stored may be overwhelming at times. There are various third-party tools out there that manage and organize event logs in a useful manner; however, I would like to share with you some Event Forwarding... Read More