Using the Log Agent (caiLoga2) to monitor the Windows Event Logs

Document ID : KB000055005
Last Modified Date : 14/02/2018

Description:

The Log Agent can be configured to monitor the messages occurring in the Windows event logs. It can be configured to monitor each of the following fields in an Event Message:

  • Type

  • Source

  • Category

  • Event

  • User

  • Computer

  • Description

Solution:

Follow the steps below to configure the Log Agent to monitor a Windows Event Log message.

In this example we will monitor for a message with the "Type" set to Information and the "Source" set to Application Popup.

  1. Launch AgentView for the caiLogA2.

  2. Select the LogWatchers icon.

  3. Select Build Event Log Pattern

  4. Set the Pattern to Positive Pattern

  5. Set the Type to Information

  6. Set the Source to Application Popup

  7. Set the rest of the fields to .*

  8. Select Ok.

  9. Now select Add Watcher

  10. Give the watcher a name, for example Test_Watcher

  11. Give the Log File as SYSTEM_LOG\System

  12. The Positive Pattern field is filled in automatically with the pattern we built earlier

  13. Leave the Positive Toggle Pattern, Negative Pattern and Negative Toggle Pattern blank

  14. Set the Status Policy as Poll EOF

  15. Set the Trap Send Policy as Once

  16. Set the History Policy as Generate

  17. Set the Match Trap Policy as Do Not Send

  18. Set the Monitor Status as Monitor Critical

  19. Now click Ok
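
To check that the watcher has something to match, the same criteria can be run against the System log with PowerShell on the monitored host. This is an added example, not part of the original article or of the Log Agent; the function name `Find-WatcherCandidate` and the 24-hour look-back window are assumptions.

```powershell
# Added example: list System-log events that the Test_Watcher pattern from the
# steps above (Type = Information, Source = Application Popup) should match.
# Find-WatcherCandidate is a hypothetical helper name, not a Log Agent command.
function Find-WatcherCandidate {
    param(
        [string]$LogName   = 'System',             # log selected in step 11
        [string]$Source    = 'Application Popup',  # Source from step 6
        [int]   $Level     = 4,                    # 4 = Information (step 5)
        [int]   $LastHours = 24,                   # assumed look-back window
        [int]   $MaxEvents = 20
    )

    $filter = @{
        LogName      = $LogName
        ProviderName = $Source
        Level        = $Level
        StartTime    = (Get-Date).AddHours(-$LastHours)
    }

    # Get-WinEvent raises an error when nothing matches; treat that as "no events".
    $events = Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents `
                           -ErrorAction SilentlyContinue
    if (-not $events) {
        Write-Warning "No matching events in '$LogName' in the last $LastHours hours."
        return
    }

    # Project each record onto the seven fields the Log Agent can match on.
    $events | Select-Object TimeCreated,
        @{ n = 'Type';        e = { $_.LevelDisplayName } },
        @{ n = 'Source';      e = { $_.ProviderName } },
        @{ n = 'Category';    e = { $_.TaskDisplayName } },
        @{ n = 'Event';       e = { $_.Id } },
        @{ n = 'User';        e = { $_.UserId } },
        @{ n = 'Computer';    e = { $_.MachineName } },
        @{ n = 'Description'; e = { $_.Message } }
}

Find-WatcherCandidate | Format-List
```

If the warning is printed, no event in the window meets the Type and Source criteria, so the watcher has nothing to report yet.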