Importing Log Files

 

The Imported Log Files link lets you import a windows event log file (type .evt format) from the local machine or remotely, through FTP. You can import both Event Log and Application Log files.

Importing Event Log and Application Log files are explained below.

Importing Event Log File

  1. Select the Settings tab. In the System Settings section, click the Imported Log File link.
  2. Select the Event Log Imports / Application Log Imports tab, and click the Import Log File link, to import a new event/application log file. The procedure to import the log files for both Event Logs and Application Logs remain same.
  3. Choose Local Host if the event log files are present in the local machine from where you are accessing the EventLog Analyzer server.
    1. Select the log format from the Choose the Format combo box (Windows EventLog, IIS W3C Web Server Logs, IIS W3C FTP Logs, MSSQL Server Logs, EventLog Analyzer Archive).
    2. Click Browse to locate the log file.
    3. Select the Log Type (Application, Security, System, Directory Service, DNS Server, or File Replication Service) based on the type of event log you are importing.
    4. Select the option Create Throw Away Reports if you do not want to store the imported event log file for more than 2 days. After 2 days the Throw Away reports are automatically removed from the Imported Log File listing page.
    5. Finally click Import to import the log file into the database. The time taken to import a log file depends on its file size.
  4. Choose Remote Host if you need to import the event log files from a remote location on the network.
    1. Select the log format from the Choose the Format combo box (Windows EventLog, IIS W3C Web Server Logs, IIS W3C FTP Logs, MSSQL Server Logs, EventLog Analyzer Archive).
    2. Click Select Remote File link to locate the log file. Enter the remote host's hostname or IP address, and the FTP user name and password and Port (Default port will be 21).
    3. Select the Log Type (Application, Security, System, Directory Service, DNS Server, or File Replication Service) based on the type of event log you are importing.
    4. Enter the time interval after which EventLog Analyzer should retrieve new log files.
    5. Enter the location on the remote machine where the log file or the entire directory containing the log files is present. You can click the List Remote Files/Directories link to locate the file on the remote computer.
    6. Finally click Import to import the event log file into the database. The time taken to import a log file depends on its file size.
attention

If you importing an event log file which is much older than the configured DB Storage option, then such imported event log files are automatically considered as Throw Away Reports.

 

 

Note Some Applications create log file with new name (with time stamp appended) everyday. If the Application log files are to be imported, you do not have to change the filename daily, instead select the Change filename dynamically option while importing the logs. Selecting the option displays the the Filename pattern: text box to enter the time stamp pattern that the Proxy server appends when the Proxy server creates the log file daily. A help tip icon displays, (when you hover the mouse on the icon) the mapping of the Timestamp in Filename to the Pattern to be given. Enter the pattern as required.

 

The Imported Log Files listing page shows you the list of windows event log files imported, along with details such as the following for each imported event log file.

 

Column Head Description
FileName Name of the imported event log file. Click on the Error in displaying log message icon to know the details of errors while importing the event log files.
HostName Host which generated the event logs.

LogType

The event log type can be Application, Security, System, Directory Service, DNS Server, or File Replication Service.
ImportType Whether the event log file has been imported from the local machine or remotely (remote machine name or ip) through FTP.
ImportedTime Timestamp at which the event log file was imported.
LogRecord StartTime Time stamp of the first collected log record in the imported event log file.
LogRecord EndTime Time stamp of the last collected log record in the imported event log file.
Report Type The type of custom report that will be generated. The Report report type can be Active or Throw Away.
Action Click on the Load & Search Load & Search link to load the event log file into the inbuilt MySQL DB.
Click on the Load & Search Search link to search through the DB for matching criterias. The search criteria can be Source, Severity, Message, Event ID, Type (or Facility).
Click on the Drop Tables DropDB link to drop the imported log file table.

 

Importing Application Log File

The Application Log Imports tab of the Imported Log Files listing page shows you the list of application log files imported, along with details such as the following for each imported application log file.

 

Column Head Description
File Name Name of the imported application log file. Click on the Error in displaying log message icon to know the details of errors while importing the application log files.
Format Description The log format is indicated here.
Remote Host Remote Host from where the application log file has been imported.

Status

Indicates the status of file import. Various status are listed below.

Imported Time The time stamp at which the application log file was imported.
Size The size of the imported application log file.
Time Taken The time taken to import the application log file.
Action Click on the Load & Search Load & Search link to load the event log file into the inbuilt MySQL DB.
Click on the Load & Search Search link to search through the DB for matching criterias. The search criteria can be Source, Severity, Message, Event ID, Type (or Facility).
Click on the Drop Tables DropDB link to drop the imported log file table.

 

Status of File Import

attention All Imported Log Files will automatically get listed on the Archived Files page.


Copyright © 2008, AdventNet Inc. All Rights Reserved.