Using other tools

The Event Viewer provides the means through which you configure and view event logs. Because you can save a log to a text file, however, you can use other applications to view a log. You may save a log to a comma-delimited file, for example, so that you can import the file into Microsoft Access or another database application to create a database that you can easily organize by event ID, source, and so on. You may also export the data to a text file and import it into a word processor to create a report. Just make sure that you pick an application that can import tab- or comma-delimited files and export the log files in the appropriate format.

A handful of other third-party tools exist for viewing a system's log files. One in particular worth considering is RippleTech's LogCaster. Providing a mechanism to manage the event logs is just a small part of what LogCaster does. It not only provides a unified interface for viewing the event logs, it also serves as an excellent warning system for administrators. LogCaster provides real-time monitoring of the event logs, services, TCP/IP devices, performance counters, and ASCII logs. It provides automatic delivery of alerts through a variety of mechanisms, including paging, e-mail, ODBC, SNMP, and others. Whenever a given event occurs, you can have LogCaster automatically notify you regardless of where you are. Whether you're tracking system performance, want to be notified of audit events, or want to be warned of a possible system intrusion, you should find LogCaster an excellent resource. You can locate RippleTech on the Internet at www.rippletech.com.

You can also use several enterprise management tools to go beyond just managing event logs. Microsoft Operations Manager (MOM), for example, provides the capability to collect information across the enterprise from event logs, UNIX syslog files, SNMP traps, and other sources to help you monitor availability and performance. MOM provides an excellent set of tools for monitoring systems and Microsoft applications such as Exchange Server, SQL Server, and others. For more information on MOM, check www.microsoft.com/mom.

Several other third-party enterprise-management tools are worth considering if you're looking for ways to improve data collection and monitoring. You should also consider CA Unicenter (at www.ca.com), HP OpenView (at www.hp.com), and the many tools from NetIQ

Note Microsoft Operations Manager is derived from NetIQ Operations Manager. Microsoft licensed the technology and integrated additional features to target the product to Microsoft platforms and applications.

Was this article helpful?

0 0

Post a comment