The following event log records are be logged by this feature with the Log File Monitoring category:
Event ID |
Event Description |
Example |
8000 |
Text matching one or more filter rules has been found. |
Text matching one or more filter rules has been found in file C:\Logs\ntbackup01.log:
Line in monitored file |
8001 |
EventSentry is caching more than 1024 files in the monitored directory C:\Logs. |
EventSentry is caching more than 1024 files in the monitored directory C:\Logs. To keep the resource consumption of the EventSentry agent low it is recommended that you move old files to a sub directory or another directory. |
8002 |
A line did not contain a CRLF. |
A line in the previously monitored file C:\Logs\ntbackup01.log did not contain a CRLF and as such was not processed according to the filter rule. The line from the text file is shown below:
Line in monitored file |
8050 |
A line in a monitored file did not contain enough delimiters. |
The log file "ex00001.log" which is mapped to the file definition "IIS" does not contain enough field names (delimiters) and was not processed.
Please make sure that the file definition setup in EventSentry matches the layout of the monitored log file. The first 128 characters of the encountered line are shown below:
Field1,Field2,Field3,Field4 |
