New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

300.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


Monitoring forwarded event log

Votes:

0

Your Vote:

Up

Down

We have a computer that receives Windows Event Logs from other computers around the office. I would like to monitor the "Forwarded Events" event log but the PRTG system does not seem to be able to do this. Is it possible?

event-log forwarded windows

Created on Aug 30, 2016 11:28:27 AM by  mrbryanejones (0) 1



3 Replies

Votes:

0

Your Vote:

Up

Down

Hello,

Unfortunately, it's not possible to use PRTG Eventlog Sensors to monitor forwarded events.
What could be interesting for you is the EventlogReaderXML Sensor by PRTG Tools Family.

You can download the sensor here.

After the download is done, extract the files and copy the sensor file "EventlogReaderXML.exe into the following directory:

32 bit systems%programfiles%\PRTG Network Monitor\Custom Sensors\EXEXML
64 bit systems%programfiles(x86)%\PRTG Network Monitor\Custom Sensors\EXEXML

Than create the Exe/Script Advanced sensor on the local probe device. The sensor parameters are:

  • -f= The full path of the eventlog (.evtx) file.") These file are usual located in the 'C:\Windows\System32\winevt\Logs' folder.")
  • -s= The name of the eventlog source.")
  • -u= Optional, Domain\Username of a user account that can access the folder containing the eventlog.")
  • -p= Optional, Password or PassHash * of a user account that can access the folder containing the eventlog."
  • -m= Optional, The maximum time in minutes a result is allowed to be old.") default = 1 day (1440 minutes)")
  • -l= Optional, Comma separated list of entry levels to report on.")

Please be aware, we don´t offer support for third party Sensors, so if you run into issues with this one you have to contact ptf directly.

Created on Sep 1, 2016 7:52:19 PM by  Jochen Greger [Paessler Support]

Last change on Mar 1, 2018 6:24:40 AM by  Luciano Lingnau [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Hello,

I am novice with prtg sofftware.
I would like to be able to monitor remote backup logs of about 40 servers.

I downloaded the EventlogReaderXML.exe file and the ovl file.

I dropped the file EventlogReaderXML.exe in "% programfiles (x86)% \ PRTG Network Monitor \ Custom Sensors \ EXEXML"

I filed the OVL file in "% programfiles (x86)% \ PRTG Network Monitor
lookups \ custom
"

I configured the sensor:

-f = c: \ Windows \ System32 \ winevt \ Logs \ Microsoft-Windows-Backup.evtx -s = Backup -u = domain \ user -p = XXXXXX -m = 5000

It works but PRTG reads my local log file.

I tried:

-f = \\ 10.144.245.129 \ c $ \ Windows \ System32 \ winevt \ Logs \ Microsoft-Windows-Backup.evtx -s = Backup -u = domain \ user -p = XXXXXX -m = 5000

It does not work because the file is locked.

If I copy the file "Microsoft-Windows-Backup.evtx" to testbackup.evtx and query it, it works.

Sorry for my mediocre English (thanks google), what is the best way to proceed?

Thank you in advance for your suggestions cordially

Created on Feb 28, 2018 4:28:57 PM by  Ash (0)

Last change on Mar 1, 2018 6:23:06 AM by  Luciano Lingnau [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Why not use the WMI Event Log Sensor or this one instead? :)


Kind regards,
Stephan Linke, Tech Support Team

Created on Mar 1, 2018 12:05:14 PM by  Stephan Linke [Paessler Support]

Last change on Mar 1, 2018 12:05:31 PM by  Stephan Linke [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.