How to watch the DFS Replication Log on Windows servers for events - ntevl probe
Article ID: 190532
Updated On:
Products
DX Unified Infrastructure Management (Nimsoft / UIM)
Issue/Introduction
How to watch the NTEvent (ntevl)?
Probe can watch the DFS Replication Log on Windows servers for events? The probes doesn't list which events logs it can watch
Probe can watch the DFS Replication Log on Windows servers for events? The probes doesn't list which events logs it can watch
Resolution
The probe should be able to read any windows event log.
When you go into the probe it reads the OS for a list of event logs and you can add them to monitoring
If the log file isn't available in the "Available Log files" window in the ntevl probe try this:
1) Shift+right-click the ntevl probe and select Raw Configure
2) Select Edit Configuration File...
3) Click on the logs folder and then click on New Key...
4) Give the log entry a name and a value of the Eventlog name, then click on OK
5) Click on the subsystems folder and add a subsystem with the name you chose in 4), and give it a subsystem id.
NOTE: When creating a new subsystem you should also create the same subsystem id in the NAS. This is done in the NAS GUI under Setup->Subsystems. It should be noted that any subsystem id outside of the Private id (3.) might get overridden by us at a later date, though in this case I would probably create a subsystem id 1.1.11.1.4 so that it came along side the predefined subsystem ids.
6) Repeat steps 4 and 5 as required for other logs...
7) Click OK to save and restart the ntevl probe. Wait until it has restarted (it will get a new port and pid) then double-click the probe to launch the GUI. You should now see your new logs.
If you want to store this configuration for use on other systems you can drag it into the archive and create a config package which you can then distribute to other ntevl probes.
note: you can run the command-> 'wevtutil el' on the system to identify the exact name of the DFS Replication log.
When you go into the probe it reads the OS for a list of event logs and you can add them to monitoring
If the log file isn't available in the "Available Log files" window in the ntevl probe try this:
1) Shift+right-click the ntevl probe and select Raw Configure
2) Select Edit Configuration File...
3) Click on the logs folder and then click on New Key...
4) Give the log entry a name and a value of the Eventlog name, then click on OK
5) Click on the subsystems folder and add a subsystem with the name you chose in 4), and give it a subsystem id.
NOTE: When creating a new subsystem you should also create the same subsystem id in the NAS. This is done in the NAS GUI under Setup->Subsystems. It should be noted that any subsystem id outside of the Private id (3.) might get overridden by us at a later date, though in this case I would probably create a subsystem id 1.1.11.1.4 so that it came along side the predefined subsystem ids.
6) Repeat steps 4 and 5 as required for other logs...
7) Click OK to save and restart the ntevl probe. Wait until it has restarted (it will get a new port and pid) then double-click the probe to launch the GUI. You should now see your new logs.
If you want to store this configuration for use on other systems you can drag it into the archive and create a config package which you can then distribute to other ntevl probes.
note: you can run the command-> 'wevtutil el' on the system to identify the exact name of the DFS Replication log.
Feedback
Yes
No
Powered by
