New Ranks & Badges For The Community!
Notice something different? The ranks and associated badges have gone "Star Fleet". See what they all mean HERE
Highlighted
Cadet 1st Class Cadet 1st Class
Cadet 1st Class
179 views

Read Windows System Event log using logfile monitor

I'm trying to find a way to ignore the entries in the windows system log, that were created during the time the monitor was in a disabled state. I'm unable to achieve this with a 'Windows Event Log Monitor' as the monitor reads the earlier entries after it is enabled.

I set the path in a logfile monitor to System.evtx log file. The monitor is able to get the size of the file and number of lines in the file, but unable to do a regex match. I tried multiple encoding types, but none gave a readable output.

Can anyone help me come up with a solution. Thank you.

SiteScope v2019.02/11.70

Labels (1)
0 Likes
1 Reply
Highlighted
Lieutenant
Lieutenant

Hi Raj,

Hope you are doing great,

About your question, it won't work with a RegEx, as the monitor will always check the first entries. Something you can do is to configure a Script Monitor related to system event log. It has to be configure, so when the Event Log Monitor is disable the Script Monitor has to be enable, and it will delete the log entries created during the time the monitor is in disabled state.

But this funtionality hyas to be build by your side. 

Please let me know if it works you.

 

Best Regards,

 

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.