How do you test the event monitoring?
Tim Evans, Sparling 206-667-0509, fax 206-667-0554 -----Original Message----- From: Adcock, Matt [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 4:35 AM To: '[EMAIL PROTECTED]' Subject: RE: [WhatsUp Forum] Monitoring Windows Event Viewer (WMI) I use WUG 8.01 to monitor the event logs of several NT4 and 2000 machines. As part of this monitoring, we perform weekly testing to ensure that monitoring is OK. Every once in a while, WUG will miss an event. I find that the missed event is usually when I generate a few events very close together. This is pretty uncommon though. I've never missed an event that was a real error - only testing events when I generate a lot. Matt -----Original Message----- From: brandon.baker [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 7:22 AM To: '[EMAIL PROTECTED]' Subject: RE: [WhatsUp Forum] Monitoring Windows Event Viewer (WMI) No responses to this, so I am going to punt with WMI for now. I have found a superb free program that will take the WIN events and turn them into SNMP traps. It has filtering capability so that you don't inundate the WUG logs. I have had much better results using this service then using WMI in WUG. It's called the "NT EVENT to SNMP TRAP SERVICE" it can be downloaded here: http://www.ncomtech.com/download.htm I have tested it on NT4 and 2k with 0 issues. Brandon Brandon Baker Manager, Security & Network Services Inforonics, Inc Voice: (978) 698-7458 Email: [EMAIL PROTECTED] -----Original Message----- From: brandon.baker [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 14, 2003 4:27 PM To: '[EMAIL PROTECTED]' Subject: [WhatsUp Forum] Monitoring Windows Event Viewer (WMI) Is anyone else recieving poor results when trying to alert on specific events in a monitored systems event viewer? Running wug v8.0 on win2k. It is not a permissions issue, as we have standardized on logins for monitoring, and each machine has the same account. We use that account to login and run the app, and when running via the service, it starts the service. Our win2k servers get better results, but not perfect. 80% +/- We have installed WBEM core on NT systems and get really poor results there as well. In one instance I have setup an NT4 system with WBEM, setup and even and that will trigger when SNMP starts successfuly just so I can test the event. I can actually see (through a sniffer) the port 135 traffic reaching my wug server, but the server evidently ignores the event. Anything else that anyone can think of. If not, recommendation for a freeware app that will convert windows events to snmp traps? Brandon Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/ Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/ Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/ Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/
