Requires: SQL Server 2016 13.x SP1 or newer all editions Starting with SQL Server 2016 13.x SP1 or newer auditing can be enabled on all editions not just enterprise of SQL Server. EventSentry can log and alert on sensitive events like user creation database deletion permission changes and more. Auditing can be enabled at th...
There are a few prerequisites to setup in order to get notified when an Exchange mailbox is created or removed. The instructions below are for Exchange Server 2010 but are very similar for Exchange Server 2007. 1. On the Exchange server diagnostic logging needs to be setup. Diagnostic logging is configured by navigating to Microsoft Exchan...
Windows NT 4.0 is supported until version 2.90 and starting with EventSentry v2.91 Windows NT 4.0 is no longer a supported platform. If you need to monitor a computer running Windows NT 4.0 then you will need to install the latest v2.90 agent on that computer. You can obtain older releases of EventSentry from the customer area. Please read...
Yes the EventSentry web reports support multitenancy through access control and profiles. Access Control By enabling access control through the Accounts page in the Settings menu access to specific pages or hosts can be restricted based on user name or group membership. For example user John can be authorized to only view perfor...
EventSentry requires that SNMP is enabled on the VMWare ESXi hosts in order to pull the virtual machine inventory. IMPORTANT: You must enable SNMP on the actual ESXi hosts it does not help inventory the devices if SNMP is only enabled on the VCSA server that is used to manage the ESXi hosts. Method A: If you are connected directly to the ES...
You can utilize a short PowerShell script to get a list of all certificates that expire within a certain number of days. This script can then be executed on a regular basis usually daily and trigger an email alert if one or more expired certificates are found. The script is shown below: powershell sl cert: MaxDays = 30 GetChild...
video 2 Create a System Health package labeled Performance Processes Click this package and then in the toolbar the click 39Add39 downdown on the right and then Performance / SNMP Click on Performance / SNMP then click the to add the performance counter: Give it a name such as Process Elapsed Time Add this c...
video 3 Under 39Home Scripts User Embedded39 click 39New39 and then label this 39expiringcerts.ps139 and in the 39Script Content39 box add: powershell sl cert: MaxDays = 30 GetChildItem Recurse where .notafter le getdate.AddDaysMaxDays AND .notafter gt getdate.adddaysMaxDays select NotA...
The easiest way to get notified in realtime whenever a Windowsbased system boots is by forwarding Event Log event 6009. This event is logged to the System event log whenever a Windows OS starts up. 1. Open the management console and either find an existing event log package to add this new filter rule to or create a new even...
Note: This article AND script have been updated on 3/25/2020 to use a more accurate data source please update your script. Countries must now be specified by their English name and NOT by the country code. This article outlines how to monitor current COVID19 stats by displaying on an EventSentry dashboard and/or receiving email alerts u...
With the EventSentry Log File Monitoring feature you can be alerted via email if specific text gets written to a file. In this HowTo we will use the default Log File Windows Update as an example but this can be used for any other log file monitoring package existing or new. Expand Log Files Expand Windows Update C...
Telegram Messenger integration can be accomplished with the HTTP action. Configuring Telegram Messenger Creating a BOT Telegram implements a bot system to send messages through an API to a specific channel or group. To create a bot either search your contact list for BotFather or follow this linkhttps://telegram.me...
Windows Firewall policy changes like new program exceptions enabling/disabling/deleting policies can be monitored and detected with EventSentry along to detection when firewall is disabled. Enabling Policies Changes Audit In order to monitor Microsoft Windows Firewall policy changes the subcategory MPSSVC rulelevel Policy Chang...
Note: This article requires EventSentry v4.2.3.x or higher Since VMWare ESXi hosts report CPU and memory utilization differently than other Linux or Unixbased hosts the generic Performance System package cannot be used to obtain performance metrics from VMWare ESXi hosts. Instead the VMWare system health package needs to be downl...
EventSentry can be configured to restart services based on their resource usage. For example when a service uses more than the specified amount of memory handles or CPU a service restart can be triggered. Steps: 1. Creating a Performance Monitoring Package 2. Configuring the Performance Monitoring Package 3. Creating and Configuring ...
When utilizing the application scheduler on some NonEnglish versions of Windows commands that output nonascii characters e.g. Umlaut in German may cause the following issues: NonAscii characters in event id 10200 are not displayed correctly in the event viewer NonAscii characters in event id 10200 may not be stored in the builtin...
This guide explains how to deploy the HWgSTE Ethernet temperature / humidity sensor in your server room or office. Note: Please see the links below if you have not yet purchased the HWgSTE. Steps: 1. Unboxing and connecting the sensors 2. Connecting to the HWgSTE and configuring it 3. Adding the sensor to EventSentry Un...
Sysmonhttps://docs.microsoft.com/enus/sysinternals/downloads/sysmon is a free driverbased utility that supplements Windows39s builtin audit capabilities. Combining Sysmon with EventSentry39s monitoring capabilities enables users to detect a number of potential threats on their monitored servers and workstations. The required Sysmon configur...
The CPU and memory utilization of each container as well as the number of docker containers currently running can be monitored using EventSentry39s performance monitoring feature and PowerShell scripts. The following 3 scripts are available under Scripts Managed in the management console: dockercontainerscount.ps1 Monitors th...
While overall performance and CPU statistics from nonWindows hosts can easily be obtained via SNMP getting the CPU usage of each process requires a few additional configuration steps. Since EventSentry39s performance monitoring feature supports importing data returned from an external process examplehttp://demo.eventsentry.com/dashboard/...
Monitoring and alerting on the runtime duration of processes This guide demonstrates how to set up EventSentry to trigger an alert when a process runs longer than a specified duration. We will use PowerShell as the example for this configuration. Open EventSentry Management Console From the left menu tree expand Packages and click...
You can get an alert when a domain is about to expire in 30 days by using the WhoisXMLAPIhttps://www.whoisxmlapi.com/. Creating API key Create a user at WhoisXMLAPIhttps://www.whoisxmlapi.com/ Get your API key from menu/settings under general. Add the API Key replacing APIFROMWHOISXMLAPI with the API at the script....