Name | Microsoft Windows |
Versions | N/A |
Type | Operating System |
Logtypes | windows, application, security, system |
In order to deploy the Windows App use the following page to prepare the log data - Preparing Windwos Windows Event Logs Data.
Deploying the App
Deploy the Microsoft Windows
App availableApp available in the XpoLog Windows setup or by getting the App package from XpoLog website.
Once the App is successfully deployed (by default) all logs tagged in logtype: windows, application, security,
system willsystem will be included App. To change that simply edit the App and specify which logs to include or exclude.
Open and Use the App
Click on the deployed App.
When the App will open you will see a list of available predefined dashboards. In each dashboard you can find a set of visualization gadgets, rules and searches that analyze the Microsoft Windows
event logsevent logs.
Windows Dashboards and Gadgets
The Windows application contains a set of dashboards:
Overview - a general overview of the Windows
...
environment including
...
required restarts, updates errors, policy changes, etc.
Events Viewer - a console that enables events view from selected servers/domains/logs.
Events Statistics - general statistics of top used sources, categories, types and event codes.
Audit - a high level analysis of top applications, sources, users operations, events, etc.
Trends - logging activity of servers and logs over time last 1 day vs. last 7 days.
Users Overview - users activity review such as logons over time, top users operations report, logons vs. logoffs, etc.
Application Installs - a report of total installed applications failed and successful.
Application Crashes - a report of applications crashes by event/host.
Use the user inputs while viewing a dashboard to filter the view to the desired values such as servers, domains, accounts, etc.