EventSentry monitors the event log when it is running. When the service is not running (such as when the system is being rebooted), it is unable monitor the event logs. Event log entries created while the service is stopped are not processed.

To avoid this problem you can configure EventSentry to look for events created after the service was last shut down by setting this feature to "most". Every time the service starts it scans the event log from the last checkpoint. This feature is also useful in determining if a server was rebooted.

Most: EventSentry will re-scan the event log and process events that occurred while the service was stopped.

Regular: EventSentry will monitor the event log right after the service was started, but will not process events that occurred while the service was stopped.

Least: EventSentry will ignore events that occurred for the first X seconds after the OS booted. For example, if EventSentry emails you a lot of events when a server is rebooted, then you can configure this feature to suppress events for a given amount of seconds. Click the "Settings" button to bring up the "Boot Delay Settings" dialog that lets you configure the interval and to which action types this feature applies to.

By default, computer names will appear with their NetBIOS names (e.g. SERVER1) in alerts and the web reporting. You can change this option to FQDN so that hosts will show up with their respective FQDN names instead (e.g. server1.yourdomain.local). Please note that you will have to restart the agent for this change to become effective.

Certain action types, including email, database and Syslog, have the ability to cache events when the configured server is temporarily unavailable. This setting allows you to configure the maximum amount of disk space that EventSentry will use in the system temp directory (%TEMP%) for caching events.

This setting also applies to the storage used for the summary actions.

Many features, including environment monitoring, disk space and service monitoring write alert messages to the event log when a certain problem (e.g. low disk space, high environment temperature, etc.) is detected. To avoid the event log from being flooded with the same event pertaining to the same problem you can set a maximum notification interval here.

For example, if you set a maximum notification interval of 24 hours then a low disk space warning regarding drive C will only be logged once every 24 hours until the low disk space problem is resolved.