“We use SentryOne SQL Sentry daily to watch and troubleshoot active processes on our production and business critical servers.”
- Kevin Howell
Depending on the severity of the Windows event, application events can be classified as error, warning, or information. An important problem such as data loss occurring would be considered an error. When an event isn’t as severe, but may lead to a problem in the future, it is a warning. Lastly, a successful operation of a driver, program or service is considered an information event.
If your computer is setup as a domain controller, it will have other logs displayed in the setup events.
Also called audits, security-related Windows events can either be successful or failed. It all depends on the particular Windows event. One example would be whether or not a log on attempt by a user was successful or unsuccessful.
When events are sent to a Windows Event Log by other computers, these are considered forwarded events.
Additional logs can be viewed in setup events on computers that are configured as domain controllers.
Keeping track of Windows events across your environment can be time-consuming, but it doesn’t have to be. Event Manager for Windows makes keeping track of all of the events and jobs on your servers easy with an "Outlook-style" calendar that lets you view everything in one place. Event Manager collects Windows events from the system, the application, as well as security logs and enables you to easily correlate them with other events that have occurred during that time via the calendar view.
For example, many failed login attempts may be indicative of a brute force attack. Event Manager can alert you to this situation so that you can take appropriate action. You can also generate alerts for events that are impacting critical services and applications in your environment. You will know right away when there are issues that require your attention before they turn into larger problems.