|
|
|
|
Event Log Settings
The Event Log Settings page specifies the event log types and categories included in the Log History. Event logs must be enabled for a machine ID before event log alerts can be configured for that machine ID using Monitoring > Alerts > Event Logs. The list of event log types available on this page can be updated using Monitor > Update Lists by Scan.
To specify Event Log Settings:
- Click an event log type in the Event Log Types list box. Hold down the [Ctrl] key to click multiple event log types.
- Click Add > to add event log types to the Assigned Event Types list box. Click << Remove or << Remove all to remove event log types from the Assigned Event Types list box.
- Check one or more event categories: Error, Warning, Information, Success Audit, Failure Audit, Critical, Verbose.
- Select one or more machine IDs.
- Click Update or Replace to apply these settings to selected machine IDs.
Global Event Log Black Lists
Each agent processes all events, however events listed on a "black list" are not uploaded to the VSA server. There are two black lists. One is updated periodically by Kaseya and is named EvLogBlkList.xml. The second one, named EvLogBlkListEx.xml, can be maintained by the service provider and is not updated by Kaseya. Both are located in the \Kaseya\WebPages\ManagedFiles\VSAHiddenFiles directory. Alarm detection and processing operates regardless of whether entries are on the collection blacklist.
Flood Detection
If 1000 events—not counting black list events—are uploaded to the KServer by an agent within one hour, further collection of events of that log type are stopped for the remainder of that hour. A new event is inserted into the event log to record that collection was suspended. At the end of the hour, collection automatically resumes. This prevents short term heavy loads from swamping your KServer. Alarm detection and processing operates regardless of whether collection is suspended.
Update
Adds event log types listed in the Assigned Event Types list box to the set of event log types already assigned to selected machine IDs.
Replace
Replaces all event log types assigned to selected machine IDs with the event log types listed in the Assigned Event Types list.
Clear All
Clears all event log types assigned to selected machine IDs.
Select All/Unselect All
Click the Select All link to check all rows on the page. Click the Unselect All link to uncheck all rows on the page.
Check-in status
These icons indicate the agent check-in status of each managed machine. Hovering the cursor over a check-in icon displays the agent quick view window.
Online but waiting for first audit to complete
Agent online
Agent online and user currently logged on.
Agent online and user currently logged on, but user not active for 10 minutes
Agent is currently offline
Agent has never checked in
Agent is online but remote control has been disabled
The agent has been suspended
Machine.Group ID
The list of Machine.Group IDs displayed is based on the Machine ID / Group ID filter and the machine groups the user is authorized to see using System > User Security > Scopes.
Delete Icon
Click the delete icon 
to delete this record.
Edit icon
Click the edit icon 
next to a machine ID to automatically set header parameters to those matching the selected machine ID.
Assigned Categories
The event categories stored by the VSA for this machine ID and event log:
- Error
- Warning
- Information
- Success Audit
- Failure Audit
- Critical - Applies only to Vista, Windows 7 and Windows Server 2008
- Verbose - Applies only to Vista, Windows 7 and Windows Server 2008
Topic 3713: Send Feedback. Download a PDF of this online book from the first topic in the table of contents. Print this topic.