Every package, regardless of its type, includes the following configuration options.
You can view and edit package options either by right-clicking a package and selecting "Edit" or by left-clicking a package and clicking "Edit Package Options" on the right screen.
|
Enabled package You can enable/disable packages to enable or disable all monitoring options contained in them. Disabled packages are shown with a red x in the tree. |
|
Global Package Instead of assigning a package to all groups or computers, you can make a package global. Global packages apply to all computer, regardless of their group membership. Once a package has been made global it cannot be assigned to groups or computers. |
|
Filter Chaining Package Indicates a package which is configured for filter chaining. |
Description
Enter a description for a package to briefly describe the package, its contents and/or its purpose.
Package Assignments
You can either assign a package to a computer or groups, or configure a package to be global and thus apply to every computer in your configuration. Check the "Global Package" checkbox to make a package global, or click the "Assign" button to assign this package to one or more computers.
You can also right-click a package to configure the package assignments.
Overrides
Many features in EventSentry are bound to a particular action. Rather than configuring every event log filter, health etc. feature to use a particular action you can set the notification on a package level instead. If you set a notification on a package level then you will not be able to set the action(s) on the individual items inside the package.
To specify actions on a package level, check the "Override actions of all objects in this package" checkbox and populate the "actions" list. Please note that only event log packages may contain more than one action, health and security & compliance packages may only have one action in the list.
Use group-specific database action: When configured in the group properties, dynamically adds that database to the list of actions. The list of actions should be empty if only the group-specific action should be used for the package.
Event Log packages offer additional package options which are explained in the Event Log Packages chapter.
|
Packages configured for dynamic-activation still need to be assigned to groups or computers, unassigned packages will not be activated. |
You can make a package dependent on the existence of a particular Windows service or the version of Windows installed. For example, you can activate a package only if the "mysql" service is installed, or on computers running Windows Server 2008 or later. It is important to note that dynamic activation will not assign packages, as such, dynamic activation still requires the package to be assigned. Generally speaking it's recommended to make packages that utilize dynamic activation global.
All conditions need to be satisfied (in an AND like fashion) when multiple conditions are configured (e.g. Operating System and Platform).
Activate based on installed service
To activate a package only when one or more services are installed, enter the service key names in the "Installed Service(s)" field. Separate multiple service key names with a comma. When multiple services are listed then it is sufficient if only one of the listed service is installed.
|
Always specify the service key name, not the service display name. |
Activate based on an assigned tag
Packages can be activated on hosts that have a specific tag assigned to them (either directly or implicitly through the group); separate multiple tags with a comma. When multiple tags are listed then it is sufficient if only one of the listed tags is assigned on a target host.
Activate based on the Operating System
To activate a package only for a specific Operating System, or range of Operating Systems, select the comparison type (at most, is, at least) as well as an Operating System. For example, when selecting "at least Windows Vista", then the package will be activated on all computers running Windows Vista or later.
Activate based on platform
To activate a package only for a specific platform (e.g. 64-bit), select the platform from the list or set to "any" for the package to be activated on all platforms.
Activate based on OS type
A package can be activated based on whether it is a domain controller, server, workstation (client) or a combination.
Sorting Packages
It does not matter in which order your packages are. The package order does not affect the functionality of EventSentry. You can however sort packages alphabetically (either ascending or descending) by right-clicking the corresponding package type and selecting "Sort Packages".
