I would like to create an alarm for all Event Logs except for certain events with ID 'xxxx'.
Solution:
Open a text editor and create a file 'EventLogExcludeList.txt' under the following folder "<AppManager-Home>\working\conf". We can implement Event Log exclusions as explained below:
1) The format for the Exclusion for the events is as follows:
EventId | Source | Category | User | EventType | Descripion
2) The file should be present in the directory <AppManager-Home>\working\conf\
3) An example for the entries in EventLogExcludeList.txt will be as follows:('#' at the beginning of the line means the line is commented)
#EventId | Source | Category | User | EventType | Description
100|*|*|*|*|*
3|*|*|*|*|*
*|kerberos|*|*|*|*
You can enter the event id and by using * it excludes what ever comes in the respective fields like ,Source, Category, User, EventType, Descripion, etc.
4) More rules can be specified in next line as shown in the above example.
5) Save the file and restart Applications Manager.
New to ADSelfService Plus?
Related Articles
Enterprise Alarm Sync Failure Troubleshooting (Event Push)
Event Push Mechanism: When an event is generated on the Probe Server, it is immediately pushed to the Central Server. Issue (Limitation): In a Probe Server, when a new monitor is added, an event is generated and instantly sent to the Central Server, ...How to monitor Event Logs in "Applications and Services Log" ?
Explanation : Upon investigation, we discovered that the Win32_NTLogEvent WMI class, by default, includes only standard Event Log categories found under "Windows Logs." To access specific log names under "Applications and Services Logs," a ...How to collect Applications and Services Logs from Windows event logs
Applications Manager AppLogs uses the Windows Management Instrumentation (WMI) query on the Applications Manager FSO agent to fetch event logs. The WMI module requires the registry entry below to read the event logs from the Applications and Services ...Filtering Windows event logs before uploading
You can filter Windows event logs on the agent side before uploading them to Applications Manager. You can configure to eliminate the unwanted event IDs, so that you can skip them while uploading. You can set these field configurations while adding a ...Troubleshooting: Alarm Not Generated for Threshold Violation
When a monitor attribute exceeds its defined threshold but fails to generate an alarm, the cause is usually related to data collection gaps, retry logic, or suppression rules. Follow these steps to diagnose the issue. Step 1: Verify Data Collection ...