FREE: EventSentry Light – Real-time event log monitoring

The free event log monitoring tool EventSentry Light allows you to monitor event logs, log files, remote hosts, services (and control them), disk space, file checksums, performance, system time (and set it), and temperature (with optional sensors). In addition, you can receive syslog and SNMP data and schedule and monitor scripts.

By Michael Pietroforte - Tue, October 23, 2012

Michael Pietroforte is the founder and editor of 4sysops. He is a Microsoft Most Valuable Professional (MVP) with more than 30 years of experience in system administration.


NETIKUS.NET has released a new version of EventSentry Light, a free real-time event log monitoring solution for Windows. EventSentry v2.93.1 comes with some great new features, which is why I updated the article. The first part is a general introduction about the tool’s monitoring capabilities and at the end you will find a list of the enhancements in version v2.93.1. Also note that the free light version lifted some important limitations, which makes it interesting for complex environments. You will also learn more about this at the end of the article.

Free Event Log Monitoring – EventSentry Light

The Windows event logs are the first place to check when something goes wrong on a Windows machine. Even more important is keeping a constant eye on the event logs, so that you are informed immediately about upcoming problems and about Windows or applications entering states you want to know about.

One of the main advantages of EventSentry compared to the Windows Event Viewer is that you can easily monitor event logs on multiple machines. Moreover, EventSentry Light has additional monitoring capabilities. For example, it supports environment monitoring (temperature, motion etc.), third-party log file monitoring, and system health checks. With the latter feature, you can monitor the availability of Windows services or processes, performance, and disk space. EventSentry Light also includes basic network monitoring capabilities using pings and TCP connections and supports hardware monitoring. For instance you can monitor USB storage device changes or the S.M.A.R.T. status of hard drives.

Free Event Log Monitoring – EventSentry Light Performance Alert

Essentially, EventSentry Light works like a central filter to extract important information from all event logs in your network. It collects the data, extracts the information that is relevant to you, and notifies you about it. The data is collected by the EventSentry agent, which can be easily deployed using the management console. The agent uses filters in which you specify which Windows events are important to you.

These filters are grouped in packages that can be assigned to computers individually or to computer groups. One limitation of the free version is that you can only work with one package with a maximum of five filters.

Once the data is collected, the information can be forwarded to you as e-mail or as pop-up messages on your desktop, instant messaging, or pager. The light version only supports these four notification methods. Note that the full version supports 15 different notification types.

EventSentry Light includes an SNMP trap daemon, an easy way to receive SNMP traps via email or other notification methods. Performance and environment alerts include an attached chart that visualizes performance over a given time period. For example, when the CPU exceeds a certain limit, the alert email will contain an attached chart so you can see an exact history without having to access the reporting interface.

The new features in EventSentry Light v2.93.1, as announced in the Event Log Blog, are:

  • Process Action is now available, so you can now launch scripts and/or processes as a response to event log entries
  • Custom event logs as well as custom event log channels (Windows 2008 and later) can now be monitored
  • Services can now be controlled in addition to just being monitored
  • All event logs can now be backed up
  • Event Log backups can be compressed
  • NTP (Network Time Protocol) feature can now adjust the local time
  • Limits can now be applied to actions
  • Email actions: All features are now available
  • Import/Export feature in management console is now available
  • Variables support is now available

In addition, many limits relative to the pro version were raised:

  • # of event log filters: Increased to 5 (from 4)
  • # of monitored services: Increased to 6 (from 4)
  • # of event log backup schedules: Increased to 3 (from 2)
  • # of actions: Increased to 3 (from 2)

The free version is now on the same release schedule as the commercial edition and updates for EventSentry will immediately be applied to EventSentry Light as well. Previously, the free version always lagged behind the full version.

Please note that in this post I could only scratch the surface of this powerful real-time monitoring tool and its new features. For a more detailed description of EventSentry Light and EventSentry, please continue reading here:

EventSentry Light


12 Comments

  1. Vili says:

    How about Nagios? You get the full tool for free and you only pay for support.

  2. Soeren P says:

    Vili: Could you point to a good (compiled) Nagios for Windows? I have heard about it but haven’t tried it yet…

  3. Vili says:

    I don’t know of any good port of it for Windows. You can just monitor Windows machines, not install Nagios on a Windows machine.
    At work we are provided Nagios as a service by a company owned by IBM.
    If you don’t want a physical Linux box just for Nagios, one workaround could be to get a Linux VM in VPC 2007 and install it there. I haven’t done that myself, but I might give it a try in a couple of months.
    There are some pretty good guides about here http://nagios.sourceforge.net/docs/3_0/quickstart.html
    From the screen shots, EventSentry Light has a good user interface for setting it up.
    In the end it gets to be considering the trade-offs (time to set up, functionality and ease of use) and seeing which solution is better for your use.

  4. I wouldn’t compare EventSentry with Nagios. Both tools are great monitoring solutions, but for different purposes and environments. EventSentry focuses on Windows event log monitoring. Nagios is a general monitoring solution for Linux environments.

  5. Elvar says:

    I bought Eventsentry at work to monitor all our servers and all our workstations.
    Compared to other central logging solutions is its openness and ease of use. Getting it up and running is very easy and with the help of the webcasts it takes maybe 1-2 hours to understand how it works and having it do what you need to do.
    Though it does lack some nice to have features like being able to use the webinterface to configure clients and events.

  6. RoninV says:

    I’ve been using Event Sentry Lite, in a network environment, to monitor multiple servers and a few workstations, for about a year. Very good tool. This may be a “way out in left field” question but can ES be used to monitor standalones? We have a few Vista computers (non-networked) and would like to monitor folder, file, and program accessed.

  7. Ingmar says:

    2010/08/06 at 5:49 am
    Yes, you can monitor stand-alone computers as well. EventSentry does not require an AD/domain environment, though it will utilize it when it’s available.
    This is usually done by setting credentials on the computer objects in the management console. You can set credentials either globally, on a group, or on a computer.

  8. CypherBit says:

    Never heard of this one before. Thank you.

    Are there any similar, free tools? I need to collect events for about 20 servers and have been using Event Subscriptions/Forwarding, which work great if it wasn’t for the fact I only get:

    “The description for Event ID xx from source “whichever” cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

    If the event originated on another computer, the display information had to be saved with the event.”

    I have no idea how to resolve this.

  9. tt123 says:

    @Michael : Nagios isn’t a monitoring solution for Linux environments only. Sure, it needs to run on a linux box, but it can monitor windows hosts, and it does it really well. Where I work we have 1 out of 15 servers on linux, and that’s the Nagios server.

    I agree that they are for different purposes though.

  10. tt123, yes of course you can monitor Windows with Nagios, but you can’t say that it was really made for this purpose. For instance, monitoring Windows event logs with Nagios is not really fun.

  11. Ingmar says:

    @CypherBit: Take a look at this blog article: http://www.eventlogblog.com/blog/2008/04/event-log-message-files-the-de.html, it should explain why this is happening, and how to resolve it.

  12. Ron007 says:

    I support home users who often have Office install problems. Telling them to go look in the event viewer is a lost cause.

    Would it be reasonable to suggest they install this tool? Can it be easily (home user) configured to capture Office installation events?
