![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Navigation
Install the app
How to install the app on iOS
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
More options
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
Event Log centralization
- Thread starter cb9fl
- Start date
kiwi syslog, MySQL, evtsys by Purdue Uni and a custom web gui i developed (i didn't use any event logs for my demo, but i do at work). It's not the best solution, but at least it works and was all free. Kiwi gave me a free license.
If your not talking about 100's of servers you can use Microsoft's Log parser. It allows you to run it and export it right into a SQL database. I use it as a scheduled task to export all print jobs from my print servers into a SQL DB.
is there a practical limit for MS's Log Parser?
I've got about 40 servers that need active log monitoring.
Can the log parser run on a central machine and connect to various machines around the network, or does it have to actually run on each machine?
How do you avoid re-exporting records (duplicates)?
to add to the above poster about GFI SELM
They have released a replacement product called Events Manager
Its nice. Im using in in a test environment , monitoring all DC's , exchange , and sql. It will also accept wc3 logs from ISA and syslog' s. Its a nice package
They have released a replacement product called Events Manager
Its nice. Im using in in a test environment , monitoring all DC's , exchange , and sql. It will also accept wc3 logs from ISA and syslog' s. Its a nice package
is there a practical limit for MS's Log Parser?
I've got about 40 servers that need active log monitoring.
Can the log parser run on a central machine and connect to various machines around the network, or does it have to actually run on each machine?
How do you avoid re-exporting records (duplicates)?
yes, I run sceduled taks from one machine that collect against all of my print servers. It uses a checkpointfile to keep track of what was already imported. I use MS SQL because thats what I have avialable, but i'm sure it will work with mySQL if you have that.
I think the only real limitation is the amount of records being put into the DB. MY system logs roll over very 2 days. I have 3 million records for 6 months worth of print jobs (I only export event id 10). So if you have that many records i would think about doing some stored proceedures to archive records to a diff table every few motnhs or so but that up to you. It will just increase your query times when you go to do reports.