We recently enabled monitoring for a few eventid's for DHCP database related events. Today we noticed that events 1010 and 1016 were triggered in the windows event viewer but no events are alert generated in Nimsoft.

• Release: 20.3
• Component: UIM - NTEVL

- ntevl configuration

1. Please ensure you are using the latest GA version ntevl v4.33
   http://support.nimsoft.com/Files/Archive/00074/ntevl-4.33.zip

          Via Raw Configure mode for ntevl,

2. Set poll interval to 30 seconds
3. Increase max number of threads to 10, then to 20 if the issue persists
4. Make sure that there all profiles that match logs that are being monitored by the probe (ie. Application, System)
5. wmi_timeout = 15 sec
6. no_of_threads = 5
7. AlarmTimeOutDuration = <keep this value empty>
8. Also, If you’re seeing high CPU consumption from the ntevl probe, try removing the Security log from monitoring: Via ntevl probe Raw Configure option, Disable (remove) Security log from the logs section thereby preventing Security log monitoring.