• 0

Windows Event Log Correlation

Go to solution Solved by Stuart Weenig,



First post and I'm new to LM, though an old hand at monitoring and alerting so be gentle 🙂

I've searched these forums and found a couple 'feature requests' to be able to alert only if message X appears greater than Y times within Z minutes in the Windows Event Log rather than alerting for every occurrence of message X. None of the posts appear to have a solution... Is this still the case? Either an official solution or a work around?

Many Thanks



Link to post
Share on other sites

3 answers to this question

Recommended Posts

  • 0

Yeah, we ended up having to pay extra for SumoLogic, but could be anything.  Still would be nice to have the barest level of correlation so you could effectively ACK events.

Link to post
Share on other sites
  • 0
  • Administrators

I have heard rumors that functionality like this is gaining traction in the backlog. Having the ability to specify which log event opens the alert, which closes, which counts as an update, etc. Pile on with your CSM. The best way to get features pushed through is to have a bunch of customers asking for it.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.