Ken Walleweina) Are you saying that the Monitor -> Alerts screen applies a given Event Set only to the event log chosen in the Select Alert Function line and shown in the Log Type column? Are you sure about that? Where is it documented?
b) How do we determine which event log type a given predefined event set is designed for (consider the example I gave previously)? And what's to keep a given set from monitoring multiple log types?
Ken WalleweinI don't seem to be getting alerts I should.
I just checked a system on which I have configured event monitoring for errors, warnings and critical events for both system and application event logs and filtering set to "All Events". I appear to be getting zero alerts for it over the last week or two, even though, if I check the system directly, there are a number of events of each type being logged.
I've checked my settings carefully, I don't see anything wrong. See screen shots attached.
And I don't see any way to check Kaseya event log history or collection logs, either. Is there any way to do that?
So far as I can see, it should work, it doesn't, everything looks set correctly, and I have no useful diagnostic data. Help!
GDRBrianI believe the 'All Events' means all the events you have in your event set list so we would need to see what event sets you have. If you truly wanted all events, then I believe you would need to create a new event set. Just create a new event set and then put * in all the boxes.
2.Check the Error checkbox and select from the event set list. Click the Apply button to assign this setting to all selected machine IDs. This tells the system to generate an alert for every error event type. Note the assigned log type.
Ken WalleweinThis doesn't make sense to me.
For starters, "All Events" IS an event set (albeit a short one) -- it can't refer to another one.
Secondly, it doesn't appear possible to create a wildcard filter for Event ID -- it needs a specific number and won't accept "*" or blank.
Third, there is this text in the on-line help:
which seems to pretty clearly state that "All Events" filters nothing.
FWIW, on this particular system, I have three event sets applied: Application and System using All Events, and Security with custom set. None use any exclusions at all.
GDRBrianAnd you are correct, you cannot create an event log with * in all the fields. Atleast I wasn't able to.
GDRBrianNot sure. As long as there is a source I am able to put a * in the event id column and then when I click add it fills in 'All IDs'.
I can't put * in all the columns though. There has to be a source.