Analyst reports state there are over 25% custom Applications out there and those apps do not have a standard way to monitor. Now here is a credible mechanism to monitor those custom applications too.
Where can you use it ?
1. Use it to track Unix SysLogs and check for :
* Kernel errors
* Device errors
* Security alerts etc
2. Check if an application is alive or dead because of say, an Out of Memory Error or some such problems.
3. Track changes in some critical summary files of business
4. Check if your back up had failed by checking the logs
5. Internal application teams can check out the contents of your build server to ensure everything had executed fine, if there was an copyright violation, compilation errors etc
Let me explain the different ways of monitoring Log Files in Applications Manager.
Using File System Monitor, you can monitor the Log File for its size, growth rate and alert when any contents specified by the user matches in that file.For example you can monitor the /var/log/message file and configure to alert when any of the contents “FATAL” or “ERROR” matches in that file.Whenever these words matches in that file, it will show the availability of the File System Monitor as down and RCA message will show these contents are matched in the Log File.
Note:
This will parse only the file contents added between the two polling intervals.Say for example when the Log File is parsed at 10:00 AM and in next polling at 10:05 AM, it will parse only the Last 5 minutes (between 10:00 AM and 10:05 AM) contents in the Log File and check whether the content matches.
Windows Event Log Monitoring.
Using the Windows Event Log monitoring, you can monitor whether any events occurred in the following windows logs.
* Application Logs
* System Logs
* Security Logs
* DNS Server Logs
* Directory Service
* File Replication Service
First step for monitoring the Event Logs is to create the rules in Applications Manager.Rules is nothing but, say for example i want to be notified when any events occurred in System Log with Error type.You can configure similar rules for different logs.For configuring these rules go to Admin–>Event Log Rules.
Second step is to enable in which servers you want to monitor the Event Logs.For this you can select the “Enable Event Log Monitoring” checkbox while adding a new windows server.When the windows server is already added, you can edit the monitor and enable the Event Log monitoring.
Now when any events occurred in the server, then the Health of the Server will become critical and the corresponding RCA message will give you the Events which are matched.Also you can see those Events in the bottom of the windows server page in Applications Manager.
Hope the above two features will help you to monitor the Log Files and System Events. Now before I wind up, let me also highlight our full blown Windows Event Log Monitoring Tool, ManageEngine EventLog Analyzer that will help you adhere to demands of regulatory compliance requirements like HIPAA, SOX, GLBA, and PCI etc..
Arun kumar
I like seeing the Event Logs, but it would be nice to have them hotlinked for more info.
got