ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Need to enable log monitoring on IBM servers using logmon for event 8198


Article ID: 239654


Updated On:


DX Unified Infrastructure Management (Nimsoft / UIM)


We have a requirement which is highlighted below.

We have noticed that below event ID is triggered on the server when the Windows activation is failed. 

Event ID: 8198

As we have only configured logmon for Dell_OMSA servers. Could you please help us to configure below requirement (IBM).


Release : 20.3

Component : UIM LOGMON 4.11/4.20


Here is an ntevl profile for Windows event 8198.


Here is the watcher section from the ntevl.cfg showing the Windows_activation profile.

      active = yes
      description = Event log messages with source 'Windows Activation'
      level = from eventlog
      logs = application
      severity = 1
      source = /.*Security-SPP.*/
      category = *
      event_id = 8198
      user = *
      computer = lvxxxxxxx39
      message = /.*License Activation.*/
      send_alarm = yes
      alarm_message = $source($event_id - $category): $message
      i18n_token = as#system.ntevl.src_id_cat_1
      send_subject = no
      subject = 
      subsystem = 
      suppress = no
      suppression_key = 
      send_to_axa = 
      tenant_id = 
      tags = 
      exclusive = no
      qos_count = no
      qos_interval = 3600
      time_frame = 
      evt_count = 
      evt_count_condition = 
      runcommandonmatch  = 0
      commandexecutable = 
      commandarguments  = 
      separator = 

Here is the email of the ntevl alarm base don the nas AO Profile created for an action of EMAIL.