Log File Monitoring

Log File Monitoring allows you to both consolidate text from log files in the EventSentry database as well as receive alerts when certain text patterns are found in a log file. Log File Monitoring supports the following types of log files:

• Non-Delimited Log Files: This includes files that do not follow a pattern, such as development debug files and the NTBackup log files.
• Delimited Log Files: This includes files that follow a pre-defined pattern and are delimited with a common delimiter (e.g. , : etc.), for example the IIS log files.

Unlike many other log file monitoring solutions that only support a limited number of log file formats (e.g. IIS), EventSentry allows you to map the format of any delimited log file in EventSentry, which means that you can consolidate pretty much any delimited log file into the EventSentry database. You can then search and create reports based on any field / column from these log files.

EventSentry also ships with a database import utility that can be used to import log files into the database manually or on a scheduled basis (command-line options are supported) if real-time monitoring is not desirable or possible for any reason.

Log File Monitoring Alerts

You can configure EventSentry to log an alert with a customizable severity to the Application event log when a monitored log file contains one or more strings of interest. For example, you can receive an email if the NTBackup log file contains the string "Warning:".

Log File Monitoring Consolidation

In most cases you will want to consolidate log file information into the EventSentry database so that you can archive and search log files from one central location. As mentioned earlier, you can consolidate both non-delimited and delimited log files with EventSentry.

Delimited Log Files

Consolidating data from delimited log files is flexiable and powerful, as EventSentry parses each line and splits the data into their respective data types and thus lets you create reports and searches based on information contained in particular fields. For example, you can create a report that will show you the percentage of files in an IIS log that returned a 404 "File Not Found" error.

Non-Delimited (Flat) Log Files

Consolidating data from non-delimited log files on the other hand simply stores each line from the log file in the database. This is necessary when the log file does not follow a pattern, and you can still search across multiple files and computers from one central interface.