Navigation:  »No topics above this level«

Event Log Consolidation

 Top  Previous  Next

Many government regulations in the United States and other countries require you to collect and archive event logs for a certain period of time. With EventSentry you can consolidate all or some of your event logs, according to your rules, into a database (Microsoft SQL Server, MySQL, Oracle and Microsoft Access are supported through ODBC).

 

Database Consolidation can be setup very quickly and requires only a few steps. All of the steps below are automatically performed by the installer if you are using Microsoft SQL Server or Microsoft Access. Please see Steps to Event Log Consolidation for more information.

 

Create a database
Create an ODBC connection
Run the Database Setup Wizard to create all necessary users, tables and indexes
Create database notification target that points to the database (use a connection string whenever possible)
Create an event log filter that forwards some or all events to the database

 

If you have a Microsoft SQL Server database available then it is highly recommended that select the "Setup MSSQL" option during the installation, which will create and initialize the database and setup a basic configuration in EventSentry.

 

Connection Strings vs. System DSNs

When creating your database notification you have the choose between using a System DSN and a connection string. We strongly recommend that you use a connection string instead of a DSN, since using a DSN will require you to create that same DSN on every computer that will be writing to the EventSentry database. If you have to use a DSN, then you can use AutoAdministrator to push/duplicate an existing DSN to remote computers.

 

ODBC Drivers

Microsoft Windows 2000 and higher only ship with the "SQL Server" and "Microsoft Access" ODBC drivers by default, meaning that you will have to install an ODBC driver on the monitored servers if you are not using Microsoft SQL Server.

 

Microsoft SQL Server and Microsoft Access

Both drivers are installed by default on Windows 2000 and higher.

 

MySQL

It is fairly easy to install the MySQL ODBC driver on a monitored server since MySQL offers a setup routine that installs the MySQL ODBC driver. MySQL also offers an MSI package that can be rolled out using Active Directory.

 

Oracle

It is fairly complicated to install the ODBC drivers on a Microsoft Windows machine since you are required to install everything using the Java-based Oracle Universal Installer. If you plan on using Oracle then please keep in mind that you will have to install the ODBC drivers using the Oracle Universal Installer on every computer that is to write to the database.