- My favorite Windows Event log tools - Tue, Nov 1 2011
You probably know Event Viewer, a baked-in Windows tool. For sophisticated event log analysis, you often need additional tools. Some of the tools discussed here are applications, and some are websites.
EventID.NET
I have a paid subscription for EventID.NET, and use this database for event ID searches. The site is a repository of almost all Windows event IDs and offers in-depth write-ups, screenshots, and links to external sources. A one-year subscription for an individual costs $29 USD.
EventID.net - Search for event IDs
ServerFault.com
The consistently useful ServerFault.com website has served me well since its inception. It is a crowd-sourced community of experts built on a Digg-type voting system, in which posters ask questions about issues they are confronted with, usually scenario-based and with Event IDs.
ServerFault.com - Question and answer site for admins
Experts-Exchange.com
Experts-Exchange.com is another community site that is not limited to any platform or architecture. It has a voting system similar to ServerFault.com's and issues awards based on the helpfulness of the "experts".
Notice that Experts-Exchange.com is not free. After the 30-day free trial, prices vary from $12.95 USD for the monthly plan to $189.95 USD for the two-year plan.
Experts-Exchange.com - Tech support from experts
ManageEngine EventLog Analyzer
I have used many of ManageEngine's free tools, and EventLog Analyzer is my favorite. The tool works with Unix/Linux/Windows, can be configured to give real-time alerts, and offers sophisticated reporting features. The holy grail of all IT logging is the centralized logging ability. EventLog Analyzer can also collect logs from devices such as routers, web services and FTP servers. The free version supports up to 5 hosts. The Professional Edition starts at $395 USD for 10 hosts. Check out the price list for other configurations.
Event log tool - ManageEngine EventLog Analyzer
GFI EventsManager
GFI EventsManager provides features similar to the ManageEngine product, offering real-time alerts and support for SNMPv2 traps. I like the auto-archive feature and its search filters. GFI doesn't offer a free edition, but you can download a free trial. For a server and 10 clients, GFI EventsManager costs $440 USD.
Event log tool - GFI EventsManager
Netikus.net EventSentry
EventSentry offers quite a few interesting features that go far beyond event log monitoring and analysis: compliance tracking, package managing, log file monitoring, system health monitoring, and web reports. EventSentry Light is its free version and is a must-have tool for every admin doing event log analysis. Check out the comparison table to get an overview of the capabilities of its free and full versions. A configuration with 10 hosts will cost you $698 USD. The complete price list can be found here.
Event log tool - Netikus.net EventSentry
Do you know any other good event log analysis tools?
@Bryan. I have a tool I think you should add to your list: NetWrix Event Log Manager. It has real-time alerting, archiving for up to 7+ years, robust reporting and consolidation of event logs and includes many predefined reports specifically for various regulatory auditors. The product is available as freeware or in an enterprise version. Please have a look: http://www.netwrix.com/event_log_archiving_consolidation_freeware.html
Chris Rich
Product Manager
NetWrix Corporation
Thanks Chris, I’ll be sure to take a look!
Log analyser or 😀
Here’s another one for the list:
http://www.logalyze.com
Open Source and free
LOGalyze is an open source, centralized log management and network monitoring software. If you would like to handle all of your log data in one place, LOGalyze is the right choice. It supports Linux/Unix servers, network devices, Windows hosts. It provides real-time event detection and extensive search capabilities.