firstname.lastname@example.orgCheck and make sure that you have event logging enabled for those agents.
You can find this under the tab Agent > Event Log Settings (the 4th function item down) After you check that also check that you dont have any red letters for the event set monitoring. The red letters mean that logging is currently disable for that log.
As far as event logging and reporting - I would suggest to try and use one event log, like what you are doing. From that log I would then select what events to ignore from processing the log. That way you only have one event set running and not multiple event sets monitoring certain logs (I am currently working on this one for the Library).
Currently I have it set up for the All Events for Errors only to Alarm. Then I have several Kaseya created event sets that only alarm upon errors. Though I do have to agree with boudj that the reporting sounds really good and automates the process even more. Good suggestion Boudj.
I am having the same issue. I have created an event set to monitor avast's event log and alert me if it finds a virus:
<?xml version="1.0" encoding="ISO-8859-1" ?>
<set_elements setName="Avast" eventSetId="91819368">
<element_data ignore="0" source="*avast*" category="*" eventId="90" username="*" description="*"/>
I am getting no alerts, and no emails.
If I check the antivirus log for the agent, the event sets are there (I ran some test viruses on the test client)
any ideas?Legacy Forum Name: Event Sets, Legacy Posted By Username: Resistance2Fly