1. Home
  2. Tutorials and How Tos
  3. How to Add an Event Log Poller to a Windows Device Subtype

How to Add an Event Log Poller to a Windows Device Subtype

An event log poller can be added to any device subtype intended for Windows devices. You can add event log pollers to an existing Windows device subtype or create a new device subtype specifically for the purpose of collecting Windows event logs. Additionally, you can add as many event log pollers as necessary to each subtype.

To add an event log poller to a Windows device subtype, follow the procedure below.

    1. From the main menu, select Administration → Change Devices → Edit Pollers to open the Polling Administration page (this is where OmniCenter device types are managed).
    2. Click the View Sub Types button to open the Polling Administration: Sub Types page (this is where OmniCenter device subtypes are managed).
    3. Locate the subtype that you would like to add an event log poller to, or click the Create Sub-Types button to create a new subtype.
      • If you create a new subtype, skip to step 2.
  1. In the ACTIONS column of the subtype, click the edit subtype button to open the edit page for the subtype.
  2. On the edit page for the subtype, locate the Event Log Polling section in the Pollers panel, and click the add poller button.
  3. In the Add Event Log Poller window that opens, fill out the available fields with the appropriate information as follows:

    1. In the LOG SOURCE NAME field, enter the name of the software that logs the event. It is often the name of the application or the name of a subcomponent of the application if the application is large. See here for more information.
    2. In the LOG LEVELS field, enter the severity levels of events to fetch as a comma separated list of numerical severity values.
      • For example, “1,2,3,4”. Typically, 1 for Error, 2 for Warning, 3 for Critical, 4 for Informational, etc.
      • (Microsoft documentation on this field is not very consistent. So, to be on the safe side, use a value like “0,1,2,3,4,5,6,7,8,16”.)
    3. In the OUTPUT ERROR PATTERN field, enter a string pattern to identify any error condition while executing the PowerShell commands as part of log fetching.
      • For example, “NoMatchingEventsFound”.
    4. In the TIMEOUT ERROR PATTERN field, enter a string pattern to detect if a timeout error occurred while executing the PowerShell commands.
      • For example, “timeout”.
    5. In the CHUNK SIZE field, enter the number of log messages you want OmniCenter to process per batch.
    6. Click Create to add the event log poller to the device subtype.
  4. Now, any managed Windows device that uses this subtype will begin collecting statistics on its event logs, which can be viewed on its Device Dashboard in the Performance tab.
Updated on June 24, 2019

Was this article helpful?

Need Support?
Can’t find the answer you’re looking for? Don’t worry we’re here to help!
Contact Support

Leave a Reply