Using Windows Event Logs with LogAnalyzer

LogAnalyzer provides a message parser that understands Windows Event Log entries in Adiscon common format. With that parser, all Windows event log properties can be easily accessed, displayed and searched.

How to get hold of the Windows Event Log Data

LogAnalyzer does not (yet) provide a data source driver to natively pull the log entries from the Windows event logs, so the data needs to be delivered to it. This can be done with Adiscon's EventReporter or MonitorWare Agent software. These agents are executed either on each Windows machine or on a single machine doing remote monitoring, and the extracted events are written to LogAnalyzer's data source (either a file or a database). Depending on your network setup, you may have some intermediate systems, in which case the actual write to the data source is done by something like WinSyslog or rsyslog.

Once the data is inside the data source, the event log subparser does the rest. Together with proper view definitions, it provides a native-like view and search capability for that data. Please note that Windows Event Log fields can also be used as sources for drawing graphics.


This documentation is part of the Adiscon LogAnalyzer project.
Copyright © 2008-2011 by Adiscon. Released under the GNU GPL version 3 or higher. Adiscon LogAnalyzer commercial licenses are also available.