Buyer's Guide: Event Log Managers

Let's face it. Reviewing event logs is about as fun and tedious as reviewing bank, credit card, 401(k), explanation of benefit (EOB), and other statements. You know you should be reviewing them regularly to look for errors, potential problems, and important messages, but something else always seems to come up, so you put it off until tomorrow. If tomorrow never comes, you might consider getting an event log manager.

Event-log management products—aka event log managers—can help end the procrastination and the worries associated with neglecting that important task. They can automatically monitor your event logs and alert you to system performance problems and possible security risks. This month's buyer's guide gives you an overview of 13 event log managers.

Virtually all the event log managers on the market today monitor six key Windows logs:

  • Application log
  • Directory Service log
  • DNS Server log
  • File Replication Service log
  • Security log
  • System log

Since that's the case with all the event log managers in this year's buyer's guide, these six logs aren't listed in the product table. Instead, the buyer's guide concentrates on whether the products monitor additional event logs, such as the event logs of other Microsoft applications (e.g., Exchange Server, SQL Server), third-party applications (e.g., IBM WebSphere, DHCP for Linux), and custom event logs.

Most event log managers not only monitor event log data but also help you analyze and act on it. To this end, they offer features such as event filtering and automatic alerts. Event filtering sifts through and categorizes events based on their content. When certain error codes or event-description keywords are found, the event log manager automatically notifies you. The notifications can be delivered a variety of ways, including delivery by email, IM, and Short Message Service (SMS). With some event log managers, you can have error codes or event-description keywords automatically trigger an action. For example, you might have a specific error code trigger the immediate shutdown of a server.

Although some events warrant immediate attention, the majority do not. However, you'll still probably want to know about them. That's where reporting capabilities come into play. Some event log managers will automatically generate prebuilt reports for you or let you design custom reports. Others can generate compliance reports that can help you prove compliance with regulations or provide historical trending so that you can see event trends over time.

Besides covering monitoring, analysis, alerting, and reporting features, the buyer's guide covers the basics. For example, it tells you the supported Windows server and client OSs and whether the event log monitor is agent-based (i.e., an agent is installed on each computer to be monitored) or agentless (i.e., at least one server or workstation is used to monitor the event logs of servers and workstations on a network).

Note that the information in this buyer's guide is meant to jump-start, not replace, your own research. The buyer's guide provides the vendors' URLs and telephone numbers so that you can further explore their products and ask them questions. If you come across a product that you think should be in this buyer's guide, let me know about it. Although I tried to make this buyer's guide as comprehensive as possible, some products might have been left out due to an oversight or due a lack of response a vendor. (The information comes from vendor representatives and resources.) I'll gladly add your product to the online product table as a service to our readers if it falls within the confines of this buyer's guide.

TAGS: Windows 8
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.