The Poor Man's Event Log Monitor -- Microsoft Certified Professional Magazine Online

The Poor Man's Event Log Monitor

Full-suite log monitoring tools offer gobs of info, but for those times when you just need a nibble, Vista's event log monitor delivers the goods.

By Greg Shields
12/06/2007

I love tools that centralize and monitor Event Log data from multiple systems. Microsoft has its System Center Operations Manager. TNT Software has ELM Enterprise Manager. Dorian Software has its Total Event Log Management Solution. Any of these systems can aggregate event log data from systems all across the network, analyze it, chew it up and spit it all back out with full reporting and rich alerting capabilities.

But sometimes you don't need a fully functional tool to solve the problem. Sometimes all you want is a quick-and-dirty way to set up an alert when a particular event log entry appears. For those times, Windows Vista's new event log provides a "poor man's" solution.

Open the event log in Windows Vista and right-click any event log entry in the middle pane. There you'll see a new context menu item called "Attach Task to this Event..." Click on this new entry to bring up the Create Basic Task wizard. This wizard pre-populates the Name, Log, Source and Event ID associated with the scheduled task. All you need to do is configure the action you want to occur when the event is logged. That action can be either the starting of a program, sending of an e-mail or the displaying of a message on the screen.

If you've got an available SMTP server on your network, configuring the sending of an e-mail allows you to specify the message characteristics right from within the Task Scheduler. Once the wizard is completed, the task appears in Task Scheduler under Event Viewer Tasks where even more configurations can be enabled.

Tech Help -- Just An
E-Mail Away

Got a Windows, Exchange or virtualization question or need troubleshooting help? Or maybe you want a better explanation than provided in the manuals? Describe your dilemma in an e-mail to the MCPmag.com editors at [email protected]; the best questions get answered in this column and garner the questioner with a nifty Redmond T-shirt.

When you send your questions, please include your full first and last name, location, certifications (if any) with your message. (If you prefer to remain anonymous, specify this in your message, but submit the requested information for verification purposes.)

I wouldn't discount the big players in the event log consolidation world like those I've talked about above. Their tools do so much more to make this process a lot easier -- especially across multiple machines with multiple logs. But sometimes when you've got a point problem, all you need is a point solution.

About the Author

Greg Shields is Author Evangelist with PluralSight, and is a globally-recognized expert on systems management, virtualization, and cloud technologies. A multiple-year recipient of the Microsoft MVP, VMware vExpert, and Citrix CTP awards, Greg is a contributing editor for Redmond Magazine and Virtualization Review Magazine, and is a frequent speaker at IT conferences worldwide. Reach him on Twitter at @concentratedgreg.

Register! Top 5 Hybrid AD Management Mistakes and How to Avoid Them