How to monitor Security and Microsoft-Windows-TaskScheduler/Operational Event logs
Release : UIM 20.x
Component : UIM - NTEVL
You can install the latest ntevl probe available.
1. Launch the ntevl probe configuration wizard and in Setup / Properties TAB, add the Security and Microsoft-Windows-TaskScheduler/Operational. Click on Apply button to save the changes and OK button to close the window.
2. Launch the ntevl probe configuration wizard. Go to Status TAB and choose Security.
3. Locate the Security event ID you want to monitor, right-click and choose New Profile. Supply the new profile name.
4. Enable the profile and choose the alarm severity level. In this example Minor alarm was selected. Click on Apply button to save the changes and OK button.
5. Logon on the machine monitored by the ntevl probe to generate a new Security event in question.