I have a question on Event log monitoring-
I have created multiple event log sets and would like to confirm:
When I create the event log under Monitor > Event Log Alerts >
I always choose (System) for the (Select Event Log Type) - my questions is do I have to define the correct log type? or it doesn't matter since I am specifying the Event ID in the set.
I hope I was able to explain.. Thank you in advance.
hi Ehabh. Yes, you will need to specify the correct event log type depending on what you want to monitor. For example, i want to monitor exchange event ID 8206 which occurs when the store service is stopped. To successfully report on this event id, i'd have to configure it under Application log type. If i were to monitor under the System log type I would not get the proper notification.
Application is generally for just software logs.
System is generally for just hardware logs.
There are also varius other locations where logs can be pulled depending on your needs.