Kaseya Community

"Change" a critical application event

  • I'm not sure if I should have posted this in another forum, but I am wondering about how to go about changing the way a specific "critical application event" is handled. Let me explain the scenario:

    Currently we send "critical application events" to critical mailboxes monitored 24/7. If we want certain "critical application events" such as category:logging/recovery to be sent to our normail mailbox how can we do that?

    The only way I have come up with to do this is to edit the critical application events set and put that event in there to ignore. then create another event set called something like "critical application events deemed non-critical" or something to that effect, configure it to send an email to non-critical emailbox and add the specific event id to that set to hit on.

    Is there an easier/better way to accomplish this?

    Thanks in advance.

    Legacy Forum Name: "Change" a critical application event,
    Legacy Posted By Username: David Scott
  • I just thought of this-I guess this is a two part question-How does Kaseya determine an entry in the app or event log to be "critical"? in the help it mentions that it is vista only. this is a windows 2003 server.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: David Scott
  • If you're talking about the Event logs, this comes from the Windows event logs itself (Error. Warning, Information... etc). And this is chosen on the Agent |> Machine Status > Event Log Settings page.

    I think its a 6 of one half dozen of the other scenario, we monitor for specific events in the event logs,(Monitor |> Agent Monitoring > Alerts page selecting the Event Log alerts), rather than watching them all and building an ignore set. We just found it easier to do it this way. All the alerts (whatever was chosen in the agent settings) will be recorded and found in the LC window, but only what you want to be alerted will produce the alert.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: thirteentwenty
  • Right but what I don't get is in windows event logs, you've got three categories, informational, warning and error. There is no windows alert named critical that I am aware of. But in Kaseya, you've got error,warning,critical

    How does Kaseya determine that an alert is critical?

    After looking at this further, it appears that we inadvertently had all application errors,warnings and critical events (E,W,C) being sent to our crtiical email. So these events may not even have been actual critical events after all.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: David Scott
  • David Scott
    Right but what I don't get is in windows event logs, you've got three categories, informational, warning and error. There is no windows alert named critical that I am aware of. But in Kaseya, you've got error,warning,critical

    How does Kaseya determine that an alert is critical?

    After looking at this further, it appears that we inadvertently had all application errors,warnings and critical events (E,W,C) being sent to our crtiical email. So these events may not even have been actual critical events after all.


    Good to hear that you found that, I did the same thing when first getting set up... a few days of sleepless nights fixed that rather quickly...

    In any case, I don't think Kaseya determines that an event is critical, it should come from the windows event log as critical. I've always had it checked off but only now have realized that I don't get anything with a critical stamp on it. It may be a legacy thing, or from an event log that I have yet to uncover...

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: thirteentwenty
  • The help file says that critical is vista only

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: David Scott
  • David Scott
    The help file says that critical is vista only


    Yeah, well, Vista should be concidered Legacy Big Smile

    Anyways I'm on a Vista install now and just dug through my event logs and couldn't find a critical hit... which I'm guessing is a good thing

    This article from Microsoft hints that the source would be Diagnostic-Performance Which I've never seen before, it also looks as though it goes pretty deep in to the event logging system (this may be in win7 also). At some point I'm going to try and trigger a "critical event"... should be fun.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: thirteentwenty
  • OK, foot in mouth here...

    I've just drilled down into the event log that is described in the article and found a critical event.

    TBH I've never drilled this far down into the event logs before, lots of nifty info in here... I wish I could do a side by side with my win7 install...

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: thirteentwenty
  • Yeah, I just found a critical one on my windows 7 machine. Learnin'!!!!

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: David Scott