Application and services log collection - Online help | EventLog Analyzer

Application and services log collection

EventLog Analyzer supports the collection of application and services logs from the Event Viewer. For example, to successfully collect PowerShell logs from Windows, you have to add a key inside the registry of the respective client machine from which you want to collect logs. You can do this by following these steps:
  1. Find and open regedit.msc.
  2. Navigate to HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > EventLog.
  3. Create a new key called Windows PowerShell.
  4. Restart the EventLog Analyzer service after adding the key in the registry of the client machine. 
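
Steps 2 and 3 can also be scripted. The following PowerShell is an added example, not part of the EventLog Analyzer documentation: it checks whether the key already exists on the client machine, creates it only if it is missing, and reports the result. The `$LogName` parameter is a name chosen for this example; run the script from an elevated session.

```powershell
#Requires -RunAsAdministrator
# Added example: automates steps 2-3 above on the client machine.
# Step 4 (restarting the EventLog Analyzer service) is left to the operator,
# because the service name is not given on this page.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Key names to register under EventLog; the page's example is 'Windows PowerShell'.
    [string[]]$LogName = @('Windows PowerShell')
)

$root = 'HKLM:\SYSTEM\CurrentControlSet\Services\EventLog'

$results = foreach ($name in $LogName) {
    $path    = Join-Path -Path $root -ChildPath $name
    $existed = Test-Path -LiteralPath $path
    $created = $false

    # Create the key only when it is absent, so existing values under it are untouched.
    if (-not $existed -and $PSCmdlet.ShouldProcess($path, 'Create registry key')) {
        New-Item -Path $path -ErrorAction Stop | Out-Null
        $created = $true
    }

    [pscustomobject]@{
        LogName        = $name
        KeyPath        = $path
        AlreadyPresent = $existed
        Created        = $created
        PresentNow     = Test-Path -LiteralPath $path
    }
}

$results | Format-Table -AutoSize

# Non-zero exit code if any key is still missing (ignored for -WhatIf dry runs).
if (-not $WhatIfPreference -and ($results.PresentNow -contains $false)) { exit 1 }
```

Running it with `-WhatIf` shows which keys would be created without writing to the registry.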


EventLog Analyzer provides out-of-the-box reports for specific keys. You can refer to this guide to set up these reports. For other keys, logs can still be collected with basic parsing capabilities. EventLog Analyzer can be configured to deliver custom reports for them. 
