Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Windows NT Event Log Adapter

Status
Not open for further replies.
rosy4

rosy4

Technical User
Apr 22, 2003
6
IT
I need to monitor an application log file running on Windows 2000. Is it possible do it with Windows NT Event Log Adapter? Anyone has implemented this type of monitoring on Windows system? I have found many sample but all works with UNIX Log File Adapter. I know that it is necessary to add the LogSource entry in the adapter conf file but my problem is the event match. I have added a new class in the tecad_nt.fmt and tecad_nt.baroc files but I'm not able to match the new event class?

Thanks a lot
Rosy4
 
Sort by date Sort by votes
It is possible, but I don't recommend integrating it into the standard NT adapter. It's better to create a second adapter for this.

Check your tecad_win.cds file. If it is 0 bytes then it did not compile correctly. This usually indicates an error in your format file. If this is the case, the adapter will not work at all.

Send an event and then use:

wtdumprl -o DESC | more

Look for your event. If you get a "parsing failed" message, then something is wrong with your event class. (You possibly forgot to bounce the TEC server after compiling the new BAROC file?)
 
Upvote 0 Downvote
I monitor serveral NT 4.0 and W2k server log files for specific event ID's using ITIM 5.1.1. You can you the workbench and create a monitor for just about anything you want. It is by far the best set of monitors Tivoli has put out. Of course, providing you have this Tivoli product.

Best of luck !

Mike
 
Upvote 0 Downvote
Hello Mike,
thank you very much for your reply. Please, can you give me futher information about ITIM 5.1.1. How I can get it?

Thanks
RoSy
 
Upvote 0 Downvote
RoSy,

I apoligize for not responding sooner ! ITIM 5.1.1 is a Tivoli product, which is also know as Distributed Monitoring. Do you know if you own Tivoli Distributed Monitoring ?

ITIM 5.1.1 comes with several prepackaged resource models for Windows that allows you to monitor services, NT events, etc. It also come with a workbench that you install on a workstation and create your own resource models based on WMI. Now WMI is already loaded on W2K servers, but will have to be installed on NT 4.0 ( a rather easy install).

If you need more information, please feel free to e-mail me directly at mmichaud@hannaford.com and refer to the Tek-Tips user group.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ArmyITGuy
  • Locked
  • Question
Event Group Role - Acknolwedge only
Replies
0
Views
92
ArmyITGuy
ArmyITGuy
fredericrenaud
  • Locked
  • Question
Unix Logfile adapter versus ITM v5.x
Replies
1
Views
70
dietmarp
dietmarp
robhorn
  • Locked
  • Question
TECAD Logfile adapter with Websphere
Replies
0
Views
51
robhorn
robhorn
killerwang
  • Locked
  • Question
TME domain migration NT domain --> AD Domain
Replies
3
Views
98
dietmarp
dietmarp
kelvinlee82
  • Locked
  • Question
Tivoli license should I buy for Windows Cluster system?
Replies
1
Views
79
dietmarp
dietmarp

Part and Inventory Search

Sponsor

Back
Top