Application and services log collection
EventLog Analyzer supports the collection of application and services logs from the Event Viewer. For example, to collect PowerShell logs from Windows, you must add a key to the registry of the client machine from which you want to collect logs. Follow these steps:
- Find and open regedit.msc.
- Navigate to HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > EventLog.
- Create a new key called Windows PowerShell.
- Restart the EventLog Analyzer service after adding the key in the registry of the client machine.
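When several client machines need the key, the registry steps above can be scripted. The following PowerShell is an added example, not ManageEngine's own tooling: the `-ComputerName` parameter and the use of PowerShell remoting to reach the clients are assumptions, and the EventLog Analyzer service restart from the last step is left as a manual action.

```powershell
#Requires -RunAsAdministrator
# Added example: idempotently ensure the EventLog subkey named in the steps above exists.
param(
    # Hypothetical parameter: client machines to configure. Empty means the local machine only.
    [string[]]$ComputerName = @(),
    # Key name taken from the steps above.
    [string]$LogKeyName = 'Windows PowerShell'
)

$ensureKey = {
    param($Name)
    $base = 'HKLM:\SYSTEM\CurrentControlSet\Services\EventLog'
    $path = Join-Path $base $Name

    # Record whether the key was already there so the run can be audited afterwards.
    $existed = Test-Path -LiteralPath $path
    if (-not $existed) {
        New-Item -Path $base -Name $Name -ErrorAction Stop | Out-Null
    }

    # Re-check after the write instead of assuming it succeeded.
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Key      = $path
        Existed  = $existed
        Present  = Test-Path -LiteralPath $path
    }
}

if ($ComputerName.Count -eq 0) {
    # Local machine: run the script block in place.
    & $ensureKey $LogKeyName
} else {
    # Remote clients: assumes PowerShell remoting (WinRM) is enabled on them
    # and that the current account is an administrator there.
    Invoke-Command -ComputerName $ComputerName -ScriptBlock $ensureKey -ArgumentList $LogKeyName
}

# Next step (manual): restart the EventLog Analyzer service, as described above.
```

Any machine that reports `Present` as `False` did not get the key and should be checked before the service restart.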
EventLog Analyzer provides out-of-the-box reports for specific keys. You can refer to this guide to set up these reports. For other keys, logs can still be collected with basic parsing capabilities. EventLog Analyzer can be configured to deliver custom reports for them.