Complete Event Log Viewing, Monitoring and Management - PowerPoint PPT Presentation

About This Presentation
Title:

Complete Event Log Viewing, Monitoring and Management

Description:

Complete Event Log Viewing, Monitoring and Management Event Log Sentry & View Functionality Summary Remote viewing of multiple event logs with filtering capabilities ... – PowerPoint PPT presentation

Number of Views:247
Avg rating:3.0/5.0
Slides: 31
Provided by: dfanc
Category:

less

Transcript and Presenter's Notes

Title: Complete Event Log Viewing, Monitoring and Management


1
Complete Event Log Viewing, Monitoring and
Management
2
Event Log Sentry View Functionality Summary
  • Remote viewing of multiple event logs with
    filtering capabilities
  • Real-time notification of critical events
  • Automatic response to selected events
  • Automatic event storage in MS SQL Database
  • Automatic clearing and archiving of event logs
  • Centralized management of Audit Policies and
    event log settings

3
Event Log Suite integration with Demandtech
Software
  • Out-of-the-box templates for viewing, monitoring,
    and managing specifics events generated by
    Performance Gallery/Performance Sentry
  • When?
  • May 2002

4
Event Log View
  • Consolidated Event Log Viewing

5
When do you view your event logs?
  • Best Practices requires Daily viewing
  • Diagnostic Event Viewing when systems fail

6
Functionality of Event Log View
  • Consolidated view of Event Logs
  • Grouped machines for strategic viewing
  • Complete event log information presented
  • Detailed filtering capabilities
  • Create and store custom filters
  • Custom filters for 3rd party applications (in
    development)

7
Why use Event Log View?
  • Best practices requires daily viewing of all
    event logs. Event Log View makes it possible to
    satisfy best practices by streamlining and
    simplifying the viewing process
  • Event Log View reduces the time and resources
    spent viewing event logs and, as a result,
    reduces the related TCO (Total Cost of Operations)

8
Event Log Sentry
  • Centralized Event Log Monitoring and Management

9
Monitoring Functionality of Event Log Sentry
  • Monitor event logs for critical events and
    receive immediate notification when they occur
  • Multiple notifications in response to events
  • Email (Pager, Cell phone, Blackberry, etc.)
  • Popup
  • Customizable messages in notifications, including
    macros (variables)
  • Integrated templates for 3rd party solutions

10
Automated Responses
  • Ability to run two automated actions per event
    trigger
  • Run console applications
  • Run batch files
  • Custom scripts

11
Why monitor your event logs with Event Log Sentry?
  • Decrease administrative response time to critical
    events to prevent system failures
  • Uninterrupted end-user productivity due to
    automated triggers
  • Proactive Monitoring means
  • Reduces TCO associated with repairing system
    failures since problems are resolved before
    system failures occur
  • Administrators time spent on priority projects
    instead of reactive repair and analysis

12
Automated Event Log Clearing with Event Log Sentry
  • Schedule automated clearings for multiple event
    logs on non-production hours

13
Why Automate Event Log Clearing?
  • Event logs never reach maximum capacityno loss
    of information
  • Reduces TCO since Administrative resources are
    not used to clear event logs

14
Event Log Archiving with Event Log Sentry
  • Archives raw .EVT files to back-up server

15
Why do you need to automate event log archiving?
  • Automation ensures that archiving occurs
  • Second source of original event information for
    diagnostics and audit trail purposes
  • Best Practices requires back up of all critical
    event log information

16
Storing Events in an SQL Database with Event Log
Sentry
  • Migrate specific events into SQL Database using
    native SQL Server API

17
Why store events in an SQL Database?
  • Long-term data analysis
  • Use standard reports with Seagate Crystal Reports
    or create customized reports
  • Provides Audit trail
  • Uses MS SQL Server proprietary API calls
  • Faster than ODBC
  • Non-interference with other SQL Clients that may
    be running

18
Managing Policy Settings with Event Log Sentry
  • Centralized management of Event Log Settings and
    Audit Polices
  • Regular scans of settings and ability to reset
    policies and settings according to selected
    template(s)

19
Why centralize Policy and Auditing Settings?
  • Ensures correct event information is written to
    Security Log
  • Enforces consistent conformance with corporate
    security policies across all machines

20
Managing Event Log Sentry
  • Easy distribution of agents to servers or
    workstations in all domains.
  • Template-based design so that changes to multiple
    machines are performed with ease
  • Global templates and domain-level templates for
    simplified management

21
The Distributed Architecture of Event Log Sentry
22
How does Event Log Sentry Work?
  • Event Log Sentry Server for Database Migration
    and .EVT Backup
  • Event Log Sentry Admin Console on Admin
    workstation
  • Event Log Sentry Agents on any machine whose
    event logs will be processed

23
Benefits of Event Log Sentrys Distributed
Architecture Design
  • Centralized management
  • Easily manages multiple domains
  • Load Balancing for continued monitoring and
    management
  • Efficient network/processor utilization
  • Scalable for large enterprises

24
How scalable is Event Log Sentry?
  • Test environment
  • 50 Servers
  • 200 Workstations
  • Tasks Performed
  • Monitoring selected events
  • Migrating selected events
  • Archiving

25
Test Environment Performance
  • Used one Event Log Sentry Server
  • Migrate Events
  • Backup Logs
  • Processor Utilization and Network Traffic
  • Unaffected on all monitored machines (250)
  • Processor Utilization on Event Log Sentry Server
    hovered around 3Never higher than 7
  • Event Log Sentry Server also ran PDC and SQL
    Server

26
Conclusions from Test Environment
  • Installations up to 500 Servers will only require
    two Event Log Sentry Servers for same performance
    as test environment
  • One for Backup
  • One for Database Storage

27
Planned for May 2002
  • Centralized Agent Template Storage with IIS
  • Automatic Web Updates for 3rd Party Agent
    Templates
  • ODBC Compliance

28
Works with Windows 2000
  • NT Event Logs
  • System
  • Application
  • Security
  • Windows 2000 Active Directory Logs
  • Directory Service
  • DNS Server
  • File Replication Service

29
Event Log Sentry and Event Log View Overall
Benefits
  • Immediately isolate and prevent system and
    security threats through real-time notifications
    and automated actions
  • Research failures and breaches through an
    archived repository
  • Increase network visibility to improve security
    and systems management
  • Reduces TCO by reducing time spent viewing,
    monitoring, and managing event logs

30
Engagent Inc.
  • Engagent
  • 11889 98th Ave NE
  • Kirkland, WA 98036
  • (877)820-7980
  • www.engagent.com
  • sales_at_engagent.com
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Complete Event Log Viewing, Monitoring and Management" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!