By default, the Events pane provides a real-time aggregation display of selected events from your connected computers’ Windows System, Application, and Security event logs. You may monitor any number of additional event logs by clicking on the “Add an Event Log” button in the Home ribbon and typing the name of the log you would like to add. The log name you enter must be exactly as it is in the computer you want to monitor in the "Windows Logs" section. Additionally, the log file must be in the standard format.
Note: ControlUp does not support the "Applications and Services Logs" in newer versions of Windows.
The following event types can be collected:
- Error events
- Warning events
- Failure Audit events
Events are preserved in the Events pane for a retention period that can be configured in the Command Bar. (Default event retention period is set to 60 minutes).
The following actions are available when right-clicking on events:
Using the Events Settings button from the Home ribbon bar (or the Events tab in the Settings window), you can configure parameters according to which the events will be displayed. The following filtering methods are available:
- Excluded Events: by adding an Event Log Filter Rule here, you are setting a condition which, if matched, will cause the event to be ignored. For example, setting a rule which specifies Event ID 33 will drop all future events with the ID number 33 from the Real-Time Console.
- Event type. You can choose to ignore errors, warnings, and/or audit failure events.
- Frequent Events Filter. By default, ControlUp is configured to ignore events that appear repeatedly for a configured amount of times during the event retention period. The default value is 100, so by default, an event that appears a hundred times within an hour will fall under the “Frequent Events Filter” category and will no longer be reported. When an event reaches this threshold, you will see a pop-up notification in the left bottom corner of the ControlUp Real-Time Console. This notification may be hidden by using the “Disable Frequent Event Filter Notifications” checkbox.
Note: Please note that if you turn off the default Frequent Event Filter, your ControlUp Real-Time Console may accumulate a large number of events, which may dramatically increase the amount of RAM consumed by the console. You may mitigate this condition by clearing events or by decreasing the Event Retention Period.
Note: The above filtering mechanisms only affect future events. In order to remove unneeded events from the current view, use the Clear or Clear All buttons on the Command Bar.
Add to Filter
The selected event’s details will be used to create a new filter rule to prevent similar events from appearing in the Events pane. You will be presented with a configuration window in which you will be able to customize the rule before applying it.
Remove from this View
The selected event(s) will be removed from the current view. This will not prevent similar events from appearing in the Events pane in the future.
Search In: (Google, EventID, Microsoft TechNet)
Right-clicking on an event and selecting “Search In” will enable you to conduct online research using selected search engines with the details of this event. Internet connectivity is required for this feature.
Remote Desktop to Computer
Use this action to switch to the Remote Desktops pane and establish a Remote Desktop Connection to the computer from which the selected event originated.
Launch Event Viewer
Use this action to open the Windows Event Viewer while connecting to the machine on which the event originated.
Note: This action requires RPC access to the managed computer(s) and administrative privileges on these computer(s). You might not be able to display the events on computers that do not meet these prerequisites.