Product Reviews

Make Sense of Your Data

Aelita EventAdmin gathers Event Log information and helps you get a handle on it.

• By Robert L. Bogue
• 06/01/2002

Aelita’s EventAdmin is designed to help you get a handle on your events. Like other similar products, EventAdmin allows you to gather information about the happenings on each server and compile that into one, large database. Where EventAdmin shows its true value is in generating meaningful ways to look at the consolidated event data.

The included reporting console allows you to run a variety of reports, including my favorite, “Events by MSDN article,” which helps you identify the resources you should review to resolve errors occurring on the network. Other predefined reports include the number of reboots a server has undergone, license manager warnings, performance data and problems by computer.

Perhaps one of the most interesting ways EventAdmin helps you make sense of all of the event data is by allowing you to use the high-powered Online Analytical Processing (OLAP) tools included with SQL Server. OLAP allows you to view data in a high-level, cross-tab format and drill down into more detail. OLAP works by providing a series of dimensions or criteria that can be placed in either rows or columns. Each dimension can be collapsed or expanded. For instance, you can view the results of a query for all of the computers by domain or you can expand the dimension to the computers in the domain to see a computer-by-computer breakdown.

EventAdmin even allows periodic queries to be run against the database of events, the results of which can be sent via e-mail, pager, network message, SNMP trap, or a custom program. This is great for sending daily or weekly status reports on the health of the network. However, this isn’t the kind of instant monitoring and notification you might find in other event log management products. It looks back at the database of events over a period of time. This means that it doesn’t support instant notification of events; rather, it supports summarized reporting of the events that have been logged.

EventAdmin can help you determine the root cause of entries in your event logs. (Click image to view larger version.)

The biggest problem with EventAdmin today is that the documentation and online help leave a lot to be desired. Trying to figure out the product is more like exploring a new land than following a map. The product itself is robust enough to automatically create or rebuild the things it needs in most cases. This allows you to stumble through without too many errors. I had to call technical support to figure out how to create the OLAP database, but the process of creating the database itself was simple when I understood how to do it.

EventAdmin is a must for those organizations with multiple servers, particularly when many security events are audited. EventAdmin truly makes it easy to reduce the number of events in the event log and to resolve reoccurring problems.