loganalyzer/doc/windowsevent.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head>
<title>Using Windows Event Logs with LogAnalyzer</title>
</head>
<body>
<h1>Using Windows Event Logs with LogAnalyzer</h1>
<p>LogAnalyzer provides a message parser that understand Windows Event Log entries
in Adiscon common format. With that parser, all Windows event log properties can be
easily accessed, displayed and searched for.

<h2>How to get hold of the Windows Event Log Data</h2>
<p>LogAnalyzer does not (yet) provide a data source driver to natively pull the log entries
from the Windows event logs. So it needs to be delivered to it. This can be done with
Adiscon's <a href="http://www.eventreporter.com">EventReporter</a> or
<a href="http://www.mwagent.com">MonitorWare Agent</a> software. These Agents are
excuted either on each Windows machine (or a single machine doing remote monitoring)
and the events extracted are written to LogAnalyzer's datasource (either a file or
database). Depending on your network setup, you may have some intermediate systems,
in which case the actual write to the data source is done by something like
<a href="http://www.winsyslog.com">WinSyslog</a> or <a href="http://www.rsyslog.com">rsyslog</a>.

<p>Once the data is inside the data source, the event log subparser does the rest. Together
with proper view defininitions, it provides a native-like view and search capability of
that data. Please note that Windows Event Log Fields can also be used as sources for
drawing graphics.

<p>[<a href="manual.html">manual index</a>] [<a href="http://loganalyzer.adiscon.com">LogAnalyzer site</a>]</p>
<p><font size="2">This documentation is part of the
<a href="http://loganalyzer.adiscon.com">Adiscon LogAnalyzer</a> project.<br>
Copyright &copy; 2008-2011 by <a href="http://www.adiscon.com/">Adiscon</a>.
Released under the GNU GPL version 3 or higher.
<a href="http://loganalyzer.adiscon.com/commercial">Adiscon LogAnaylzer commercial licenses are also available.</a>
</font></p>
</body></html>