Name | Microsoft Windows |
Versions | N/A |
Type | Operating System |
logtypes | windows, windows-application, windows-security, windows-system |
To deploy the Windows App, first prepare the log data as described on the following page: Preparing Windows Event Logs Data.
Deploying the App
- Deploy the Microsoft Windows App, which is available in the XpoLog Windows setup or as an App package from the XpoLog website.
- Once the App is successfully deployed, by default all logs tagged with logtype windows, windows-application, windows-security or windows-system are included in the App. To change that, edit the App and specify which logs to include or exclude.
Open and Use the App
- Click on the deployed App
- When the App opens, you will see a list of the available predefined dashboards. Each dashboard contains a set of visualization gadgets, rules and searches that analyze the Microsoft Windows event logs.
Windows Dashboards and Gadgets
The Windows application contains a set of dashboards:
- Overview - a general overview of the Windows environment, including required restarts, update errors, policy changes, etc.
- Events Viewer - a console for viewing events from selected servers/domains/logs
- Events Statistics - general statistics of top used sources, categories, types and event codes
- Audit - a high-level analysis of top applications, sources, user operations, events, etc.
- Trends - logging activity of servers and logs over time, last 1 day vs. last 7 days
- Users Overview - a review of user activity such as logons over time, a top user operations report, logons vs. logoffs, etc.
- Application Installs - a report of total installed applications, failed and successful
- Application Crashes - a report of application crashes by event/host
While viewing a dashboard, use the user inputs to filter the view to the desired values, such as servers, domains, accounts, etc.