Source

The source that logged the event to the Windows event log. You can specify up to sixteen sources. Multiple sources must be separated by commas.

EventType

The classification of the event assigned by Windows. Valid values are as follows:

vError

vWarning

vInformation

vAuditSuccess

vAuditFailure

vUnknown

The following examples show prefiltering statements. The first statement is on multiple lines due to space restrictions.

PreFilter:Log=Application;Source=MyApp;EventId=1000,2000, \ 3000;EventType=Warning,Information;

PreFilter:Log=Security;

PreFilter:Log=Application;Source=TECWinAdapter;

Format File

The format file contains message format descriptions and their mappings to BAROC events. The message fields of a Windows event are matched against the format descriptions in this file and when a match succeeds, the corresponding IBM Tivoli Enterprise Console event is generated by the adapter. The format file contains predefined mappings for some common Windows events and can be customized to add any new messages.

A Windows event is written to an ASCII message in the following sequence:

vThe date expressed as month, day, time, and year.

vThe event category, expressed as an integer.

vThe event type (Error, Warning, Information, AuditSuccess, AuditFailure, Unknown).

vThe Windows security ID; any spaces in this field are replaced by an underscore if the proper registry variable is set.

vThe Windows source; any spaces in this field are replaced by an underscore if the proper registry variable is set.

vThe Windows event identifier.

vThe message text.

The subfields, except the message text field, are derived from the event header in the Windows event object. The output message after formatting is bound against a format description. A formatted error message from the Windows service control manager can look like the following example:

Jan 15 15:06:19 1998 0 Error N/A Service_Control_Manager 7024 \

The UPS service terminated with service-specific error 2481.

For details about format files, see “Format File” on page 17 and Appendix B, “Format File Reference” on page 145.

116IBM Tivoli Enterprise Console: Adapters Guide

Page 128
Image 128
IBM Enterprise Console manual Source, EventType

Enterprise Console specifications

IBM Enterprise Console is a robust solution designed to centralize and streamline IT operational monitoring and management. As organizations increasingly rely on complex IT infrastructures, including cloud services, on-premise systems, and hybrid environments, the need for an effective monitoring tool has become paramount. IBM Enterprise Console addresses these needs by providing a comprehensive view of IT operations, enabling organizations to respond to incidents with agility and precision.

One of the key features of IBM Enterprise Console is real-time monitoring. The solution offers a single pane of glass through which IT teams can observe the performance of various systems and applications. This capability allows organizations to detect and respond to incidents promptly, minimizing downtime and ensuring that services remain available for end users. The console integrates seamlessly with multiple data sources, allowing for the aggregation of alerts, events, and logs from diverse IT environments.

Another significant aspect of IBM Enterprise Console is its automation capabilities. The platform supports automated workflows and incident management processes, helping to reduce the workload on IT teams. Automation not only enhances efficiency but also ensures consistency in incident response. By leveraging predefined rules and actions, organizations can standardize their operational protocols, leading to faster resolution times and improved service quality.

The IBM Enterprise Console utilizes advanced analytics and artificial intelligence to enhance operational insights. Machine learning algorithms can help identify patterns and anomalies in system performance, allowing organizations to anticipate potential issues before they escalate into critical incidents. This proactive approach to IT monitoring not only improves reliability but also fosters a culture of continuous improvement across the organization.

Security features are also integrated into the IBM Enterprise Console, allowing for the monitoring of security incidents alongside IT operations. This unified approach helps organizations to respond more effectively to security threats, enabling them to correlate operational and security data for a comprehensive view of their infrastructure.

In conclusion, IBM Enterprise Console stands out as a powerful tool for IT operations management. Its real-time monitoring, automation capabilities, advanced analytics, and integrated security features make it an ideal solution for organizations looking to enhance operational efficiency and responsiveness. By leveraging this technology, businesses can ensure that their IT environments remain stable, secure, and aligned with their strategic goals.