New Insights on Event Logging
RippleTech's LogCaster allows Windows administrators to collect, filter and take action on the most critical events.
- By Michael Feuda
Are you a Windows administrator in charge of monitoring numerous servers
and the mission-critical applications running on those servers? If so,
you probably spend much of your valuable time checking the event logs
and overall status of those boxes. LogCaster by Ripple Technologies offers
administrators a way to centrally monitor events, services and performance
for multiple Windows-based and TCP/IP host machines. In addition to watching
the Windows event log, you can also monitor the contents of a text file
like an application's log file. LogCaster also provides you the ability
to generate reports for both events and performance.
I installed LogCaster without a hitch in just a couple of minutes. LogCaster
uses a client/server architecture, including an Event Dispatcher Server
(EDS) acting as a central repository for information and agents installed
on various clients. To begin using LogCaster, I launched the LogCaster
console. The console's look and feel is very similar to Microsoft Outlook.
On the left-hand side are the Dashboard and Configuration tabs. The right-hand
side is split in half, with the top portion offering a view of such things
as machine-specific events or service status, and the bottom portion showing
more details on the current selection. LogCaster provides a handful of
sample configuration files for monitoring service and performance on common
platforms and BackOffice products, including Citrix Metaframe, Compaq
Insight Manager, Exchange, IIS, SQL Server and Proxy Server. You can also
set up your own custom Event Watcher rules by right-clicking on an event
in the Live Events tab, and selecting "Create Event Watcher Rule."
Alternatively, you can easily create a user-defined rule, with a variety
of criteria and options.
| LogCaster's console is your
first stop for event views and configuration
options. (Click image to view larger version.)
LogCaster offers a number of notification methods for critical events.
You can select from traditional dial-up paging, Internet e-mail, Skytel
paging, or SNMP traps. You can use LogCaster to Query, Restart, Stop or
Start services for Windows servers, including remote servers. You can
also opt to reboot a Windows server with as much as a 10-minute delay.
The Tools menu also includes the ability to configure event log management
for managed Windows servers. I also liked the ability to take corrective
action for specific monitored events, including processing a batch file,
executable, command file or Perl script.
LogCaster offers plenty of logging and notification alternatives, as
well as good documentation and online help. On the downside, I tend to
rely on the right-click mouse button to explore advanced or other property
options, but this capability isn't widely implemented in LogCaster. Most
tasks are accomplished from the menus instead. LogCaster's strength lies
in its flexibility and wide array of customization options, as well as
its ability to centralize information from multiple computers in a single
interface. Overall, for enterprise event logging, I found LogCaster to
be powerful and full of handy options that will help any administrator
keep track of mission-critical applications and servers.
Michael Feuda, MCSE, NNCDS, is an independent writer. He has worked
with Microsoft products since the days of LAN Manager.