If you are the IT Administrator for a small or medium-sized business, you probably should have a tool that can monitor the event logs across your network. Usually, when something goes wrong, we look at the event log to figure out what the problem is.
But it’s always better to be more proactive and monitor the event log to quickly resolve problems before they become bigger. You can always use Event Viewer in Windows to monitor one computer or server, but to monitor an entire network, you need something more robust.
EventSentry Light is a free program that you can use to monitor Windows event logs across your domain. The program actually comes in two flavors, a Light edition that is free and a commercial package that has more features.
EventSentry basically consists of several packages that you can install to monitor not only the event log, but also log files, services, disk space, and lots more. Here are the main packages of the program:
- Event Log Monitoring – This is the core package of the program and gives you a highly configurable filtering system to set up alerts for just about any type of event. You define which event log messages you are interested in and then set up notifications using many different methods (email, SMS, database, file, and lots more).
- Log File Monitoring – You can use this package to either consolidate text from log files in the EventSentry database or receive notifications when certain text patterns show up in a particular log file. It supports non-delimited and delimited log files.
- Disk Space Monitoring – EventSentry can also monitor any fixed disk drives and generate alerts when the percentage of free disk space is below a predefined threshold or the absolute disk space is below a predefined threshold. You can also monitor the size of directories and log the directory size over time to a database for trend analysis.
- Service, Process and Application Monitoring – Another cool feature is the ability to monitor all Windows services, drivers, and processes. For example, you can receive an alert if a program or service becomes unavailable, when a new service is added to a system, or when a process continuously increases its memory usage (memory leak).
- Performance and Network Monitoring – Monitor the uptime of your internal web servers, Exchange servers, etc. with the network monitoring capabilities of EventSentry. You can also monitor any IP-based host such as workstations, printers, network switches, routers and more. Also, set up performance counters on your servers to monitor processor usage, memory usage, thread count, page faults, and more.
- Compliance Tracking – Worried about Sarbanes-Oxley compliance issues? No problem! EventSentry has a whole slew of tracking features including Process tracking, Console and Network Logon tracking, File Access tracking, Print tracking, Account Management tracking and Policy Change tracking.
The free version of the program does not have all of the features that I mentioned above, but it does have most. The Light edition does not have any tracking features, doesn’t support monitoring of Directory Service, File Replication, and DNS Server logs, can only monitor non-delimited text files, and does not include all notification methods.
You can see the full comparison between the Full and Light versions here. Overall, it’s a great monitoring tool for small businesses that have only a few servers and not very big networks. If you do have a pretty large network, you may want to consider shelling out the money for the full version, which has a bunch of useful features. Enjoy!
