Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Greg.

« What we Love about the Event Log in Server 2008 and Vista (and what we hate in the old Event Log) | Main | Realtime Windows Server Opinion Question #2: What is the IT gadget you absolutely can’t live without and why? »

Server 2008's New Event Log -- Syslog, only 20 years later...

Along with today's theme on the new Event Log, I saw recently that my column in Redmond Magazine has been released. In this column, I talk about the step-by-step process of setting up an event log "subscription" between two Vista/W2008 hosts. The process isn't hard, but neither is it trivial. You'll want to pay special attention to a few key steps in the process...

First, launch the Event Log and click the node for "Subscriptions" on the server. You'll be asked to start the Windows Event Collector Service and configure its start mode to Automatic. This service handles collecting Event Logs from your remote machines.


In our example, the Vista client is the "forwarder computer." The forwarder computer forwards events to the "collector computer," which is our Server 2008 box. Both machines must be running the Windows Remote Management (WinRM) service and the server has to be running the Windows Event Collector Service. To start and automatically configure this service, enter the following at the command prompt on each computer: winrm quickconfig.

[snip]

Once you've finished these steps, you can create a subscription. Subscription data can flow in either direction depending on how you set it up. You always start by creating a subscription at the subscriber computer. Identify the source computers from which it will pull data. From the Subscriptions node in the Event Log, right-click and choose to "Create Subscription." Give the subscription a name and a description. Then choose the destination log where you want to store the incoming data.

The full article includes some great technical detail on the types of subscriptions you can create and why you would want to create them. Its worth a look.

Check it out at:
http://redmondmag.com/columns/article.asp?editorialsid=1868

Tags:            
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Greg Shields on August 8, 2007 12:30 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-windowsserver.com/type/mt-tb.cgi/309

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Greg Shields' Bio:

Greg Shields, is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008:  What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets.  Greg is a recipient of Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.