Complete Event Log Viewing, Monitoring and Management
Event Log Sentry & View Functionality Summary
Remote viewing of multiple event logs with filtering capabilities
Real-time notification of critical events
Automatic response to selected events
Automatic event storage in MS SQL Database
Automatic clearing and archiving of event logs
Centralized management of Audit Policies and event log settings
Event Log Suite integration with Demandtech Software
Out-of-the-box templates for viewing, monitoring, and managing specific events generated by Performance Gallery/Performance Sentry
When? May 2002
Event Log View
Consolidated Event Log Viewing
When do you view your event logs?
Best practices require daily viewing
Diagnostic Event Viewing when systems fail
Functionality of Event Log View
Consolidated view of Event Logs
Grouped machines for strategic viewing
Complete event log information presented
Detailed filtering capabilities
Create and store custom filters
Custom filters for 3rd party applications (in development)
Why use Event Log View?
Best practices require daily viewing of all event logs. Event Log View makes it possible to satisfy best practices by streamlining and simplifying the viewing process.
Event Log View reduces the time and resources spent viewing event logs and, as a result, reduces the related TCO (Total Cost of Operations)
Event Log Sentry
Centralized Event Log Monitoring and Management
Monitoring Functionality of Event Log Sentry
Monitor event logs for critical events and receive immediate notification when they occur
Multiple notifications in response to events
Email (Pager, Cell phone, Blackberry, etc.)
Popup
Customizable messages in notifications, including macros (variables)
Integrated templates for 3rd party solutions
Automated Responses
Ability to run two automated actions per event trigger
Run console applications
Run batch files
Custom scripts
Why monitor your event logs with Event Log Sentry?
Decrease administrative response time to critical events to prevent system failures
Uninterrupted end-user productivity due to automated triggers
Proactive Monitoring means:
Reduces TCO associated with repairing system failures since problems are resolved before system failures occur
Administrators’ time spent on priority projects instead of reactive repair and analysis
Automated Event Log Clearing with Event Log Sentry
Schedule automated clearings for multiple event logs during non-production hours
Why Automate Event Log Clearing?
Event logs never reach maximum capacity–no loss of information
Reduces TCO since Administrative resources are not used to clear event logs
Event Log Archiving with Event Log Sentry
Archives raw .EVT files to back-up server
Why do you need to automate event log archiving?
Automation ensures that archiving occurs
Second source of original event information for diagnostics and audit trail purposes
Best practices require backup of all critical event log information
Storing Events in an SQL Database with Event Log Sentry
Migrate specific events into SQL Database using native SQL Server API
Why store events in an SQL Database?
Long-term data analysis
Use standard reports with Seagate Crystal Reports or create customized reports
Provides Audit trail
Uses MS SQL Server proprietary API calls
Faster than ODBC
Non-interference with other SQL Clients that may be running
Managing Policy Settings with Event Log Sentry
Centralized management of Event Log Settings and Audit Policies
Regular scans of settings and ability to reset policies and settings according to selected template(s)
Why centralize Policy and Auditing Settings?
Ensures correct event information is written to Security Log
Enforces consistent conformance with corporate security policies across all machines
Managing Event Log Sentry
Easy distribution of agents to servers or workstations in all domains.
Template-based design so that changes to multiple machines are performed with ease
Global templates and domain-level templates for simplified management
The Distributed Architecture of Event Log Sentry
How does Event Log Sentry Work?
Event Log Sentry Server for Database Migration and .EVT Backup
Event Log Sentry Admin Console on Admin workstation
Event Log Sentry Agents on any machine whose event logs will be processed
Benefits of Event Log Sentry’s Distributed Architecture Design
Centralized management
Easily manages multiple domains
Load Balancing for continued monitoring and management
Efficient network/processor utilization
Scalable for large enterprises
How scalable is Event Log Sentry?
Test environment
50 Servers
200 Workstations
Tasks Performed
Monitoring selected events
Migrating selected events
Archiving
Test Environment Performance
Used one Event Log Sentry Server
Migrate Events
Backup Logs
Processor Utilization and Network Traffic
Unaffected on all monitored machines (250)
Processor Utilization on Event Log Sentry Server hovered around 3%—Never higher than 7%
Event Log Sentry Server also ran PDC and SQL Server
Conclusions from Test Environment
Installations up to 500 Servers will only require two Event Log Sentry Servers for same performance as test environment
One for Backup
One for Database Storage
Planned for May 2002
Centralized Agent Template Storage with IIS
Automatic Web Updates for 3rd Party Agent Templates
ODBC Compliance
Works with Windows 2000
NT Event Logs
System
Application
Security
Windows 2000 Active Directory Logs
Directory Service
DNS Server
File Replication Service
Event Log Sentry and Event Log View Overall Benefits
Immediately isolate and prevent system and security threats through real-time notifications and automated actions
Research failures and breaches through an archived repository
Increase network visibility to improve security and systems management
Reduces TCO by reducing time spent viewing, monitoring, and managing event logs
Engagent Inc.
Engagent
11889 98th Ave NE
Kirkland, WA 98036
(877)820-7980
www.engagent.com