Windows Event Logs

A Windows event log provides a comprehensive record of the system, security, application and custom channels of the Windows OS. Event logs can be used to monitor system and certain application problems and to predict issues down the road.

Introduction

The Middleware Windows Event Log integration enables monitoring and forwarding of Windows Event Logs to the Middleware backend. This integration allows you to:

  • Track system and application events with OpenTelemetry.
  • Correlate system and application events across your application stack.

Prerequisites

Ensure that the Windows Event Log service is started on the Windows machine.

The Middleware Windows Host Agent must be installed on your Windows machine. To install the MW Windows Agent, see our Installation Guide.

Configuration Fields

Before moving to setup, review the configuration fields required to integrate Windows Event Logs:

  • Channel Name: The Windows event log channel to monitor. A drop-down offers 3 prefilled values: Application, System and Security. Customers can also type in a custom channel name. This is a required field.

  • Collection Interval: The interval at which the channel is checked for new log entries. This check begins again after all new bodies have been read. Duration in seconds. Defaults to 1s if left empty.

  • Resource Attributes: A map of key: value pairs to add to the entry's resource that customers can configure.

Listing Windows Event Channels

First, identify the Windows Event Log channels you want to monitor.

To list available channels, use PowerShell with the command:

To list channels by activity level, use:

In output, the value under the LogName column represents the channel name.
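
An added example, not part of the original Middleware documentation: the PowerShell below uses Get-WinEvent -ListLog to rank enabled channels by record count and to check candidate channel names on the host before they are entered in the Channel Name field. The function name Test-EventChannel and the sample channel names passed to it are assumptions chosen for illustration.

```powershell
# Added example: hypothetical helper, not part of the Middleware agent.
# Run in an elevated session; some channels (for example Security) may
# return errors or empty counts without administrative rights.

function Test-EventChannel {
    param(
        [Parameter(Mandatory)]
        [string[]]$Name
    )
    foreach ($channel in $Name) {
        # -ListLog returns the channel configuration; an unknown name yields nothing
        # once the error is suppressed.
        $logs = @(Get-WinEvent -ListLog $channel -ErrorAction SilentlyContinue)
        if ($logs.Count -eq 0) {
            [pscustomobject]@{
                LogName       = $channel
                Exists        = $false
                IsEnabled     = $null
                RecordCount   = $null
                LastWriteTime = $null
            }
            continue
        }
        foreach ($log in $logs) {
            [pscustomobject]@{
                LogName       = $log.LogName      # value to use as Channel Name
                Exists        = $true
                IsEnabled     = $log.IsEnabled    # a disabled channel produces no entries
                RecordCount   = $log.RecordCount
                LastWriteTime = $log.LastWriteTime
            }
        }
    }
}

# The 20 most active enabled channels on this host, busiest first.
Get-WinEvent -ListLog * -ErrorAction SilentlyContinue |
    Where-Object { $_.IsEnabled -and $_.RecordCount -gt 0 } |
    Sort-Object RecordCount -Descending |
    Select-Object -First 20 LogName, RecordCount, LastWriteTime

# Constructed sample input: the three prefilled channels plus one custom channel.
Test-EventChannel -Name 'Application', 'System', 'Security',
    'Microsoft-Windows-PowerShell/Operational' | Format-Table -AutoSize
```

A channel reported with Exists = False or IsEnabled = False will not deliver entries to the agent until the name is corrected or the channel is enabled.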

Setup

Follow these steps to set up the Windows Event Logs integration:

1 Navigate to Windows Event Logs Integration

Go to Installation > Integration > Windows Event Logs Integration as shown in the image.

Now, click on Add Host. That will show the available Windows hosts.


2 Configure the Windows Event Log channels

After selecting the respective host, fill in all the required fields as per your need.

Click Save, and the configuration will be saved.


Visualize Your Windows Event Logs Metrics

You can now access this metrics data under our Dashboard builder.

Troubleshooting

Missing Integrations Menu

If you do not see the Integrations Menu in Middleware, your account has not been granted Installation permissions. Contact your system administrator to add the Installation permission to your user role in Settings.
