search cancel

How to monitor Security and Microsoft-Windows-TaskScheduler/Operational Event logs

book

Article ID: 189428

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

How to monitor Security and Microsoft-Windows-TaskScheduler/Operational Event logs

Environment

Release : 9.0.2

Component : UIM - NTEVL

Resolution

You can install the latest ntevl probe available.

The 4.32 does not work on Windows 2012 and 2016. See KB article below:
https://knowledge.broadcom.com/external/article?articleId=123213


1. Launch the ntevl probe configuration wizard and in Setup / Properties TAB, add the Security and Microsoft-Windows-TaskScheduler/Operational.
Click on Apply button to save the changes and OK button to close the window.


2. Launch the ntevl probe configuration wizard. Go to Status TAB and choose Security.


3. Locate the Security event ID you want to monitor, right-click and choose New Profile. Supply the new profile name.


4. Enable the profile and choose the alarm severity level. In this example Minor alarm was selected. 
Click on Apply button to save the changes and OK button.


5. Logon on the machine monitored by the ntevl probe to generate a new Security event in question.

6. A Minor alarm is generated.



Attachments