Product manual
GFI EventsManager 5 Collecting Event Logs | 100
5 Collecting Event Logs
This chapter describes how to configure your event sources so that events processing rules are
applied to collected events. Assign existing or custom events processing rules to process only
the events you want.
Topics in this chapter:
5.1 Collecting Windows® event logs
5.2 Collecting Text logs
5.3 Collecting Syslogs
5.4 Collecting SNMP Traps Messages
5.5 Collecting custom logs
5.6 Collecting GFI LanGuard event logs
5.7 Collecting GFI EndPointSecurity events
5.1 Collecting Windows® event logs
Windows® events are organized into specific log categories; by default, computers running
Windows® NT or higher record errors, warnings and information events in three logs, namely the
Security, Application and System logs.
Computers that have more specialized roles on the network, such as Domain Controllers and DNS
Servers, have additional event log categories.
As a minimum, Windows® Operating Systems record events in the following logs:
| Log Type | Description |
|---|---|
| Security event log | This log contains security related events through which you can audit successful or attempted security breaches. Typical events found in the Security Events log include valid and invalid logon attempts. |
| Application event log | This log contains events recorded by software applications/programs such as file errors. |
| System event log | This log contains events logged by operating system components such as failures to load device drivers. |
| Directory service log | This log contains events generated by the Active Directory including successful or failed attempts to update the Active Directory database. |
| File Replication service log | This log contains events recorded by the Windows® File Replication service. These include file replication failures and events that occur while domain controllers are being updated with information about Sysvol. |
| DNS server log | This log contains events associated with the process of resolving DNS names to IP addresses. |
| Application and Services Logs | These logs contain events associated with Windows® VISTA and the related services/functionality it offers. |
Table 36: Windows® Event Logs collected by GFI EventsManager