How to monitor Event Logs in "Applications and Services Log" ?
Explanation :
Upon investigation, we discovered that the Win32_NTLogEvent WMI class, by default, includes only standard Event Log categories found under "Windows Logs." To access specific log names under "Applications and Services Logs," a corresponding registry entry for the desired log must be added. Once this entry is configured, users will be able to access the Event Log through the Win32_NTLogEvent class.
Upon investigation, we discovered that the Win32_NTLogEvent WMI class, by default, includes only standard Event Log categories found under "Windows Logs." To access specific log names under "Applications and Services Logs," a corresponding registry entry for the desired log must be added. Once this entry is configured, users will be able to access the Event Log through the Win32_NTLogEvent class.
Requesting to follow the steps :
- Take a backup of the registry.
- Open the Event Viewer, expand the tree containing the required log and then copy the content of the Full Name field from the Properties window:
- Example: Microsoft-Windows-DateTimeControlPanel/Operational
- Open the registry using the registry editor (regedit.exe) and navigate to the following path : "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog"
- Right click Eventlog -> New -> Key. Provide the value copied in step 2, for the Key.
- Close the registry editor to save the changes.
- To monitor "DateTimeControlPanel" event, you should create New Event Log in Applications Manager.
- Settings -> Log Rules -> Add New Event Log
- In the Add New Event Log Windows, the New Event Log Name should be added as 'Microsoft-Windows-DateTimeControlPanel/Operational' as given in the registry.
Now, create an event on the target server and execute the below script under <APM_Home>\working\conf\application\scripts directory. Kindly check log name in the script argument is the same as the name provided in the registry.
- cscript event.vbs "Hostname" "Username" "password" 300 "microsoft-windows-datetimecontrolpanel/operational" 500
Note: You need to replace hostname, username and password with actual credentials used in Applications Manager for the reported server.New to ADSelfService Plus?
Related Articles
How to install .NET agent on Azure app services?
You can track the performance of your .NET and .NET Core web app's key metrics like response time, throughput, and Apdex score via the APM Insight .NET agent hosted in Azure App Services. Installing APM Insight extension via Azure portal 1. Log in to ...Troubleshooting URL Monitor
When configuring a URL monitor in Applications Manager, you might encounter several errors related to accessibility, configuration, or server-side issues. Below are common errors along with step-by-step troubleshooting instructions to help you ...DNS Monitor - Troubleshooting
Common DNS Monitor Errors and Troubleshooting Guide 1. Host Not Found Description: The DNS server was unable to locate the requested lookup address. Possible Causes: This may happen if the hostname is incorrect, the domain does not exist, or there is ...Mail Server Monitor - Troubleshooting
Common Mail Server Monitor Errors and Troubleshooting Guide 1. Unknown Host Error Description: This error occurs when the mail client cannot resolve the hostname of the mail server to an IP address. The issue typically arises from DNS resolution ...Real User Monitor (RUM) - Troubleshooting
If the monitor has not polled data for a long time, follow the below steps for troubleshooting. Step 1: Check the RUM Agent configuration Real User Monitor requires the RUM Agent to be installed and mapped to the Applications Manager. Refer this help ...