Microsoft: Windows Server Event Logs PowerPack, version 101

Version 101 of the Microsoft: Windows Server Event Logs PowerPack has been updated to be compliant with Python 3 and had silo_apps libary added to the PowerPack.

  • Minimum Required SL1 Version: 12.1.0

Before You Install or Upgrade

Ensure that you are running version 12.1.0 or later of SL1 before installing the Microsoft: Windows Server Event Logs PowerPack version 101.

NOTE: For details on upgrading SL1, see the appropriate SL1 Release Notes.

If you are using customized snippet code, you must back up your edits as upgrading this PowerPack will overwrite any changes you may have made.

Preserving Snippet Code for Dynamic Applications

If you are using customized snippet code, you must back up your edits before you upgrade this PowerPack as all customization will be lost. The Enable PowerPack Protection Field does not protect snippet code in this scenario.

To back up your snippet code:

  1. Go to the Dynamic Applications Manager page (System>Manage>Applications) and search for the Dynamic Application you want to customize in the Dynamic Application Name column.
  2. Click the wrench icon () for the Dynamic Application you want to edit.
  3. In the Snippets tab, click the wrench icon () next to the item in the Snippet Registry pane.
  4. In the Snippet Editor, you can edit the following details:
  • EVENT_ID_FILTER_INCLUDE_LIST. Enter a list of Event IDs to include in your event logs.
  • EVENT_TYPE_FILTER_INCLUDE_LIST. Enter a list of Event Types to include in your event logs.
  • EVENT_MSG_FILTER_INCLUDE_LIST. Enter a list of Event Descriptions to include in your event logs. This field supports the use of the * wildcard character.
  • EVENT_SRC_FILTER_INCLUDE_LIST. Enter a list of Event Providers to include in your event logs. This field supports the use of the * wildcard character.
  1. Click the Save button.

Installing or Upgrading to Microsoft: Windows Server Event Logs PowerPack version 101

By default, installing a new version of a PowerPack will overwrite all content in that PowerPack that has already been installed on the target system. You can use the Enable Selective PowerPack Field Protection setting in the Behavior Settings page (System > Settings > Behavior) to prevent the new version of the PowerPack from overwriting local changes for some commonly customized fields.

If you are currently using the Dynamic Applications in the Microsoft: Windows Server Event Logs PowerPack to monitor devices, collection errors might occur for one or two polling cycles during the installation of a new version. To prevent collection errors during an upgrade, you can optionally disable collection for monitored devices before performing the following steps and re-enable collection after the upgrade.

To install the Microsoft: Windows Server Event LogsPowerPack for the first time or to upgrade from a previous version, perform the following steps:

  1. See the Before You Install or Upgrade section. If you have not done so already, upgrade your system to the 12.1.0 or later release.
  2. Familiarize yourself with the Known Issues for this release.
  3. Download version 101 of the Microsoft: Windows Server Event Logs PowerPack from the Support Site to a local computer.
  4. Go to the PowerPack Manager page (System > Manage > PowerPacks). Click the Actions menu and choose Import PowerPack. When prompted, import version 101 of the Microsoft: Windows Server Event Logs PowerPack.
  5. After importing the PowerPack, you will be prompted to install the PowerPack. Click the Install button to install the PowerPack.
  6. See the manual Monitoring Windows Services with PowerShell for instructions on using the PowerPack.

Features

Microsoft: Windows Server Event Logs PowerPack version 101 includes the following features:

  • Dynamic Applications that discover and collect data from Microsoft Windows Server event logs:
    • Microsoft: Windows Server Application Events
    • Microsoft: Windows Server Security Events
    • Microsoft: Windows Server System Events
  • Event Policies and corresponding alerts that are triggered when Microsoft Windows Server event logs meet certain status criteria

Enhancements and Issues Addressed

The following enhancements and addressed issues are included in version 101 of the Microsoft: Windows Server Event Logs PowerPack:

  • Updated Dynamic Applications to be compatible with Python 3.
  • Added silo_apps library to this PowerPack.