Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

  

Name

Microsoft Windows

Versions

N/A

Type

Operating System

logtypes

Logtypes

windows,

windows-

application,

windows-

security,

windows-

system

...

In order to deploy the Windows App use the following page to prepare the log data - Preparing Windwos Windows Event Logs Data.

Deploying the App

  1. Deploy the Microsoft Windows

    App available

    App available in the XpoLog Windows setup or by getting the App package from XpoLog website.

  2. Once the App is successfully deployed (by default) all logs tagged in logtype: windows,

    windows-

    application,

    windows-

    security,

    windows-system will

    system will be included  App. To change that simply edit the App and specify which logs to include or exclude.

Open and Use the App

  1. Click on the deployed App.

  2. When the App will open you will see a list of available predefined dashboards. In each dashboard you can find a set of visualization

    gadgets

    widgets, rules and searches that analyze the Microsoft Windows

    event logs

    event logs

Windows Dashboards and

...

Widgets

The Windows application contains a set of dashboards:

  • Overview - a general overview of the Windows

...

  • environment including

...

  • required restarts, updates errors, policy changes, etc.

  • Events Viewer - a console that enables events view from selected servers/domains/logs.

  • Events Statistics - general statistics of top used sources, categories, types and event codes.

  • Audit - a high level analysis of top applications, sources, users operations, events, etc.

  • Trends - logging activity of servers and logs over time last 1 day vs. last 7 days.

  • Users Overview - users activity review such as logons over time, top users operations report, logons vs. logoffs, etc.

  • Application Installs - a report of total installed applications failed and successful.

  • Application Crashes - a report of applications crashes by event/host.

Use the user inputs while viewing a dashboard to filter the view to the desired values such as servers, domains, accounts, etc.

...