Jeff,

Please send the script. Looks like it is time to get into perl.

Thanks,
Devin L. Meade, CNE, MCP
Network Administrator
Frankfurt-Short-Bruza
www.fsb-ae.com
www.oklahomadome.com

-----Original Message-----
From: Edgington, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 26, 2002 6:25 PM
To: NT 2000 Discussions
Subject: RE: Event log maintenance / alerting package

Another alternative is to write a script if you are simply looking for eventlog monitoring... this is fairly easily done via perl and win32::eventlog.

I have a script based on win32::eventlog and win32::tie_registry that does what you are describing... this script ties into our enterprise monitoring (another perl script that runs on a Linux box) that will page us based on rules that we write for it. Also archives ALL of the eventlogs.

I'm also somewhat sure I've seen other people's scripts available for download. (additionally, if you are interested in mine, I'll gladly send it to you).

jeff e.

-----Original Message-----
From: Meade, Devin [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 26, 2002 4:46 PM
To: NT 2000 Discussions
Subject: Event log maintenance / alerting package

Group,

The powers that be gave an OK to research/maybe buy an event log maintenance-alerting package!! I have never set one of these up, your assistance please . . .

Our network: 9 Win2000 servers, 4 NT4 servers, using internal DNS, DHCP with native Active Directory Services.

I started with Master Andrew's list http://www.ultratech-llc.com/KB/?File=EventLog.TXT to see what is available. I also looked at www.swynk.com and compiled a wish list:

1. Filter out the junk in the evt logs.
2. Alert based on predefined conditions (disk space, service stop, password guess attempt, mass move of a folder, etc...).
3. Archive the event logs.
4. Would be nice if done via SYSLOG (but not necessary).
5. Did I miss any biggies??

Products that look good from the sales blurbs ;-)

http://www.eventid.net/adiscon.asp
Looks like the right fit for us at about $600 for 10 servers. Integrates with eventid.net - way cool feature. This is my first choice.

http://www.gfi.com/lanselm/
Looks really cool - higher priced than adiscon.

http://www.systemtools.com/hyena/index.html
Looks good - still higher priced than adiscon.

Note - dumping the logs seems to be fairly easy with scripts, freeware and/or the resource kit.

I am looking to do some analysis. What do you guys use for Event log maintenance and alerting?

Thanks and hope you had a Merry CHRISTmas,
Devin L. Meade, CNE, MCP
Network Administrator
Frankfurt-Short-Bruza
www.fsb-ae.com
www.oklahomadome.com

------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to %%email.unsub%%
