I am trying to replace another monitoring solution for our Windows servers in-house. I am playing with the Event Log Forwarder utility and the APM Event log Application Monitor component. I cannot get either on to really give me what I'm looking for.
With the APM component monitor, I can get it to poll and build an alert but I cannot seem to find the variable to include the Event Log entry details from the server.
I had initially started out with the LogFowarder and building alerts on that side. The Message comes accross all strung together though so I cannot get a good format in splitting out the details of event log entry. For instance, it has the Source, Event ID, Computer, User, Event description, etc. but all in one large message field.
If anyone out there has found a way to clean up the details for alerting, I would appreciate your sharing how you accomplished it. Maybe I'm just missing some key variable or something...