cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to monitor windows logs or event logs

Eshwar.Katakam
Creator

Hi Team,

Can anyone help me like we need to monitor our windows logs or service event logs which is running in our local event viewer server to appdynamics and find out the error and warning logs information 

Please let me know how we should achieve this functionality in app dynamics. Can anyone help me with exact configuration steps for this

Appreciate for help

Thanks
Eshwar

Edited for clarity. 9/19/22, C. Landivar

8 REPLIES 8

Raunak.Mohanty
AppDynamics Team (Retired)

Hi Eshawar,

 

Please use the following extension

https://www.appdynamics.com/community/exchange/windows-event-log-monitor/

 

Thanks,

Raunak



Found something helpful? Click the Accept as Solution button to help others find answers faster.
Liked something? Click the Thumbs Up button.

Helmut.Mayer
Creator

hi eshwar,   did you get any help on this ?   i am facing the same problem how to filter and send errors via appdyn.   maybe you have some helpful hints for me.  

 

rgds, helmut.

Mark.Robinson
Creator

I want to use the windows event log monitor to monitor windows updates by looking at the setup log. The extension works when configured to look at system, security or application logs however when configured for setup logs it throws an error.

 

The only thing i can find which may be the cause is this stackoverflow question which indicates that it won't work (https://stackoverflow.com/questions/12663703/geteventlogs-returns-no-setup-event-log) with the setup log however the extension page explicitly says it does support setup logs (https://www.appdynamics.com/community/exchange/windows-event-log-monitor/).

 

Stack trace from extension log:

2019/10/15 23:43:30.728 Error ExtensionLoader :Failed to start extension WindowsEventLogMonitor System.InvalidOperationException: The event log 'Setup' on computer '.' does not exist.
   at System.Diagnostics.EventLogInternal.OpenForRead(String currentMachineName)
   at System.Diagnostics.EventLogInternal.get_EntryCount()
   at System.Diagnostics.EventLogInternal.StartListening(String currentMachineName, String currentLogName)
   at System.Diagnostics.EventLogInternal.StartRaisingEvents(String currentMachineName, String currentLogName)
   at System.Diagnostics.EventLogInternal.set_EnableRaisingEvents(Boolean value)
   at AppDynamics.Infrastructure.Extensions.WindowsEventLogMonitor.Execute()
   at AppDynamics.Infrastructure.Framework.Extension.ExtensionContainer.Start()
   at AppDynamics.Infrastructure.Framework.Extension.ExtensionLoader.StartExtensions()    at System.Diagnostics.EventLogInternal.OpenForRead(String currentMachineName)
   at System.Diagnostics.EventLogInternal.get_EntryCount()
   at System.Diagnostics.EventLogInternal.StartListening(String currentMachineName, String currentLogName)
   at System.Diagnostics.EventLogInternal.StartRaisingEvents(String currentMachineName, String currentLogName)
   at System.Diagnostics.EventLogInternal.set_EnableRaisingEvents(Boolean value)
   at AppDynamics.Infrastructure.Extensions.WindowsEventLogMonitor.Execute()
   at AppDynamics.Infrastructure.Framework.Extension.ExtensionContainer.Start()
   at AppDynamics.Infrastructure.Framework.Extension.ExtensionLoader.StartExtensions()

Hi Mark, 

Thanks for your investigation. This is a known issue and we have an enhancement request to support all non-classic event sources including Setup. 

 

As you pointed, the document needs to be corrected for now and I hope we can expedite the feature update as well. I will update here once we publish new changes. 

 

Anurag 

Hi,

 

May I also know if we can setup alerting on the events received from the event viewer. If yes, please let us know the steps.

You have to create a custom health rule based on the specific eventid, and then create a Policy to trigger an alert. Just make sure to use Type as the name of extension. You can try using custom event type = "WindowsEventLogMonitor", this needs to be the name of the extension, as provided in the extension.xml file. 

Also the event properties exposed are 
eventid
eventsource
machinename


Hello all,

 

The extension was recently updated and now can be used to monitor the events entries. You can find the extension here: https://www.appdynamics.com/community/exchange/windows-event-log-monitor/


Thanks,

Ryan, Cisco AppDynamics Community Manager




Found something helpful? Click the Accept as Solution button to help others find answers faster.

Liked something? Click the Thumbs Up button.



Check out Observabiity in Action

new deep dive videos weekly in the Knowledge Base.

Hello, any property to filer based on the message contained in the log?