EventSentry Help v2.91

EventSentry Help v2.91

EventSentry Light

Installing EventSentry

Hardware Specifications

Windows NT4 Requirements

Getting EventSentry

Licensing EventSentry

Entering a License

Local Installation (with installer, default)

Feature Descriptions

Updating to a new version

Updating to version 2.91

Updating from version 2.7x or higher to the latest version

Updating from version 2.60

Updating from verison 2.50 and earlier

Upgrading from EventSentry Light

Upgrading from the EventSentry Trial Version

Manually updating the Service

Manually updating the GUI and documentation

Moving EventSentry to a new server

Remote Agent Installation

Deploying the EventSentry Agent MSI

Manual Agent Installation

Management Console / Utilities

Welcome & MyEventlog

Confirmations & Prompts

Web Reports & Proxy

Event Log Viewer

Viewing Remote Event Logs

Viewing Event Log Backup (.evt) Files

Exporting, Importing and Saving the Configuration

Checking for New Versions

Event Log Database Import Utility

Event Message Browser

Database Purge Utility

Testing Event Log Filter Rules

Searching for Filters

Working with EventSentry

Package Options

Assigning Packages

Setting Packages as Global

Assigning to Groups

Assigning to Computers

Blocking Package Inheritance

Downloading Packages

(Un)Hiding Packages

Managing Actions

Action Trigger History

Action Schedule

Action Thresholds

Setting up the database

Table Relationships

Event Log Consolidation

Log File Monitoring

Non-Delimited Log Files

Delimited Log Files

Service Monitoring

Service History

Heartbeat Monitoring

Heartbeat Status

Heartbeat History

Heartbeat Response Times

Environment Monitoring

Tracking

Process Tracking

Logon Tracking

Network Logons

Logon Failure Analysis

Domain Account Authentication

User Logon By Server Type

File Access Tracking

Account Management

Computer Accounts

Policy Change Tracking

Inventory

Software Monitoring

Install Software

Software History

Uptime Monitoring

Hardware Inventory

File Monitoring

Performance Monitoring

Disk Space Monitoring

Steps to Event Log Consolidation

Troubleshooting Databases

Database Setup Wizard

Troubleshooting desktop notifications

Troubleshooting Email (SMTP)

Troubleshooting Files

Troubleshooting Jabber

Network Message

Troubleshooting Network Messages

Parallel Printer

Troubleshooting Parallel Printers

Troubleshooting SNPP

Troubleshooting Processes

Service & Process Control

Troubleshooting Service Control

Shutdown / Reboot

Troubleshooting Shutdown/Reboots

Troubleshooting SNMP

Troubleshooting Sounds

Troubleshooting Syslog

Computer Groups

Adding Computers

Import From Text File

Import From Network Neighborhood

Import From Active Directory

Linking To Active Directory

Exporting Computers

Supported Variables and Fields

Managing Agents

Retrieving Service Status

Updating the Configuration

Installing & Configuring a new Computer

Automating Remote Update

Remote Administration

Embedded Scripts

Internationalization

Monitoring with EventSentry

Service Control

Event Log Monitoring

Event Log Package Options

Filter Properties

Advanced Text Processing

Filter Processing

Editing Filters

Filter Thresholds

Advanced Hour / Day Settings

Filter Day & Hour Configuration

Filter Expiration

Summary Notifications

Recurring Event Filters

Monitoring Custom Event Logs

Managing Custom Event Logs

Monitoring Custom Event Logs

Log File Monitoring

Creating File Definitions

Defining Monitored Files

Adding Files to a Log File Package

Consolidation & Monitoring Options

System Health Monitoring

Service Monitoring

Advanced Options

Application Scheduler

Example Scripts

Backup Event Logs

Detecting Full Event Logs

Process Monitoring

Disk Space Monitoring

Directory Monitoring

Software Monitoring

Performance Monitoring

Database Tracking

File Change Monitoring

Managing Directories

Compliance Tracking

Tracking Package Options

Tracking Requirements

Process Tracking

File Access Tracking

Setting up File Access Tracking

Access Masks & Filter

Acount Management Tracking

Policy Change Tracking

Heartbeat Monitoring

Adding Computers

Setting General Options

Setting Heartbeat Group Options

Customizing Heartbeat Options

Defining a Host as a Router

Setting Maintenance Schedules

Viewing Heartbeat Status & History

Environment Monitoring

Temperature / Humidity

Motion Monitoring

Syslog to Database

Syslog to Event Log

Unix/Linux Configuration

Setting up Built-In Authentication

Managing User Accounts

Common Elements

Dynamic Sorting

Overview

Network Overview

Computer Overview

Event Log Searches

Event Record Details

Heartbeat Monitoring

Heartbeat Status

Heartbeat History

Network Availability

Heartbeat Response Times

Compliance Tracking

Process Tracking

Logon Tracking

File Access Tracking

Account Management Tracking

Policy Change Tracking

Diskspace Monitoring

Disk Space Reports

Disk Space Charts

Performance Monitoring

Performance Status

Performance Search

Performance Charts

Log File Monitoring

Log Non-Delimited

File Checksum Monitoring

Service Monitoring

Service History

Installed Software

Software History

Importing data from NBE or XML files

Environment Monitoring

Temperature / Humidity

Maintenance

Maintenance Wizard

Options

Account Manager

Account Settings

Additional Tips and Resources

Tuning the EventSentry Database

Purging Records

Purging Records Automatically

Archiving event log records

MySQL

Installing & Setting up a MySQL Server on Windows

Rolling out the MySQL ODBC Driver

Microsoft SQL Server

Encrypting Network Traffic with MSSQL

Screenshots

Main Configuration Window

General Options

Environment Monitoring

Syslog Configuration Window

Syslog Example Eventlog Record

Filters & Actions Configuration Window

Filter Configuration Window

Hour & Day Configuration Window

Action Configuration Window

Remote Update Window

Event Log Reference

Security Events

Windows NT Security Events

Windows 2000 Security Events

Windows 2003 Security Events

Windows 2008 Security Events

Active Directory / DNS / WINS

IIS / MSSQL / Exchange

Application Management

Examples & Templates

Filter Examples

Example 1: Standard Filter

Example 2: Event Source

Example 3: Event Source & Event ID

Example 4: Content Filter with Insertion String

Summary Notification Examples

Example 1: Daily Summary

Example 2: Daily Summary with Messages

Example 3: Weekly Summary

Example 4: Summary every 2 Hours

Filter & Target Examples

Example 1: SMTP and ODBC Action

Example 2: SMTP and FILE Action

Example 3: SMTP, FILE and SYSLOG Action, SYSLOG Daemon

Real-World Examples & Templates

Example 1: Backup Notification

Example 2: Temporary Service Shutdown

Example 3: Email alert when .EXE file changed

Compliance

FISMA NIST 800-53

CobiT / Sarbanes Oxley

Miscellaneous

File Monitoring vs. File Access Tracking

Support, FAQ, Version History

Troubleshooting and FAQ

Questions or Problems?

EventSentry Support

Version History

Version Numbering System

Suggestions and Future Features

© <2002 - 2009> ... NETIKUS.NET ltd