OCAU News - Wiki - QuickLinks - Pix - Sponsors
|
OCAU News - Wiki - QuickLinks - Pix - Sponsors |
|
|||||||
| Notices |
|
Sign up for a free OCAU account and this ad will go away! Search our forums with Google: |
 |
|
|
Thread Tools |
11th August 2008, 11:34 AM
|
#1 |
|
Member
Join Date: Aug 2001
Location: Adelaide
Posts: 424
|
Consolidated Event Log Monitoring
I'm after software suggestions.
I'd like to have an application that collates the data from eventlogs on windows servers and displays them in a single window. I would like to be able to filter out what is displayed. Also to be able to specify email alerts to particular errors. Preferably something that runs on a Windows 2003/8 server with a remote console application to run on a desktop. I want to minimise the number of times a TS session is opened up on servers. If it can monitor WMI/Perfmon stuff it's a bonus but not required. |
|
|
| Join OCAU to remove this ad! |
|
11th August 2008, 11:38 AM
|
#2 |
|
Member
Join Date: Mar 2002
Location: Bathurst, NSW
Posts: 6,856
|
Ummm... MOM does all this and more.
*edit* my bad, its been renamed to Microsoft Systems Center Operations Manager.
__________________
Intel i7-3770k @ stock | Asus P8Z77 WS | 32GB Corsair Vengeance 1866 10-11-10-30 | 2x EVGA GTX670 SLI FTW @ stock | 1x Dell U3011 | OCZ Revodrive3 X2 MAXIOPS 480GB | Western Digital 2TB Caviar Black | Asus Essence STX | Audio-Technica ATH-AD900 | Antec HCP-1200 | Enermax Fulmo GT Midtower | Synology DS2411+ NAS | 12x Seagate 2TB 7200.12 i'm in your noun, verbing your related noun. Last edited by NSanity; 11th August 2008 at 11:45 AM. |
|
|
|
|
11th August 2008, 1:48 PM
|
#4 | |
|
Member
Join Date: Mar 2002
Location: Bathurst, NSW
Posts: 6,856
|
Quote:
__________________
Intel i7-3770k @ stock | Asus P8Z77 WS | 32GB Corsair Vengeance 1866 10-11-10-30 | 2x EVGA GTX670 SLI FTW @ stock | 1x Dell U3011 | OCZ Revodrive3 X2 MAXIOPS 480GB | Western Digital 2TB Caviar Black | Asus Essence STX | Audio-Technica ATH-AD900 | Antec HCP-1200 | Enermax Fulmo GT Midtower | Synology DS2411+ NAS | 12x Seagate 2TB 7200.12 i'm in your noun, verbing your related noun. |
|
|
|
|
|
11th August 2008, 2:05 PM
|
#5 |
|
Member
Join Date: Apr 2002
Location: Melbourne
Posts: 1,024
|
http://www.gfi.com/eventsmanager/ I haven't used this particular product but have used their av/spam and archive solutions and been very happy.
|
|
|
|
|
11th August 2008, 2:14 PM
|
#6 |
|
Whammy!
Join Date: May 2003
Location: Melbourne
Posts: 3,945
|
splunk, I'd marry it if i could.
__________________
Administrator: Apple Desktop Hardware/Software, Graphics and Programming, Digital Art, iOS Devices, For Sale (PC and Non-PC), Price Check and What/Where Should I Buy? mercury: 11" Macbook Air, i5, 4Gb RAM, 128Gb SSD lunchbox: Mac mini, i5 Dual Core, 4Gb RAM, 500Gb HDD |
|
|
|
|
11th August 2008, 2:20 PM
|
#7 |
|
Member
Join Date: Jun 2001
Location: Brisbane - QLD
Posts: 371
|
Another option is EventLog Analyzer from ManageEngine.
It does this and not jsut for Windows Servers either (we monitor Windows Server plus a bunch of switches and applicances)... We look at Microsoft Systems Center Operations Manager (AKA MOM) but found it overkill for our requirements... Cheers |
|
|
|
|
11th August 2008, 4:13 PM
|
#8 |
|
Member
Join Date: Jun 2001
Location: qld.au
Posts: 3,373
|
I haven't used this one, but have heard about it: http://www.intersectalliance.com/projects/SnareWindows/
The main part is free and they're an Australian company too!
__________________
Hosting consultant .... and brewer of fine ales |
|
|
|
|
11th August 2008, 4:54 PM
|
#9 |
|
(Taking a Break)
Join Date: Jun 2001
Location: On the move
Posts: 4,584
|
I know lots of places that use Snare and like it.
Once you do all this logging you will probably realise you want it to do this correlation and alerting automatically... so sometimes its best to buy that swiss army knife because you can use it later. Sentinel ArcSight RSA Symantec Oracle IBM Consul Insight and a few others are all big end players in this space - this includes MS system logging. Even MS, doesn't use its own product internally, it uses Sentinel. The others listed above are also big swiss army knives, with lots of add-on's too. Have a look, see if you have a need for the features at a later date. |
|
|
|
|
11th August 2008, 8:29 PM
|
#10 |
|
Member
Join Date: Aug 2001
Location: Sydney
Posts: 3,063
|
http://www.e-janco.com/nev.htm
NEV is an excellent product.. also allows for granular reporting and alerting.. eg I set it up for customers to email dba event log events to the dba's, network to the sysadmins etc very well priced as well |
|
|
|
|
12th August 2008, 9:30 AM
|
#11 |
|
Member
Join Date: Aug 2001
Location: Adelaide
Posts: 424
|
Thanks all, will start looking through the suggestions shortly.
Stalin, while a swiss army knife may be good to have they do cost considerably more than a can opener. I think I need to take management camping before the benefits are understood.  (I think i lost myself on that analogy!) |
|
|
|
|
12th August 2008, 9:55 AM
|
#12 |
|
(Taking a Break)
Join Date: Jun 2001
Location: On the move
Posts: 4,584
|
give them a marshmellow when camping and you can buy yourself a new tent
 Sometimes if you ask for a 50% solution you get it, then when you go to ask for the 100% solution a couple years down the track, they don't give you funding because, they either thought the 50% one was the 100% one, or they want you to make it that way, or they think, why on earth didn't they just get the 100% first up instead of spening all this money on time on something 'half arsed'. However not all environments are like that, but I have experianced that phenomenan many a time. Kiwi syslog is another cheapie, those doesn't do the alerting out of the box iirc. Now im off to get some marshmellows, I have inspired myself. 
|
|
|
|
|
| Bookmarks |
| Tags |
| error, logs |
|
Sign up for a free OCAU account and this ad will go away! |
| Thread Tools | |
|
|
