If you have more than one Windows Server then I recommend this free utility from SolarWinds. It will help you to track down errors in the Windows system, security and application logs. My killer use for the Event Log Consolidator (ELC) is for practising a neglected troubleshooting technique, namely using a second server for comparison. Give the ELC a try; it's free.
Event Log Management Appraisal
- How the ELC Works
- Installing the SolarWinds Event Log Consolidator
- Event Log Management Video by SolarWinds’ Brandon Shopp
- Monitoring Server Event Logs – A Tale from the Trenches
Troubleshooting with ELC
Whenever there is a problem with a Windows server I like to start by examining errors in the system and application event logs. If the problem is not self-evident, then one of my favorite techniques for finding the root cause is to compare the sickly server with a similar one which is working normally. In these circumstances, the ability to view side-by-side settings in this free event log viewer saves time in pin-pointing the problem.
Most of the time when I review computer logs I need a filter to narrow the search. With the ELC I like to filter both on time (see Last Hour box) and on the event ID (see All Logs box). At first the results for event ID are disappointing, with not enough filters, but fortunately SolarWinds have incorporated the ability to create your own filters, and this is what speeds up research. Indeed, custom filters are what turn an average utility into a highly efficient log analyser.
Tip: Seek out the Settings menu: Custom Filters tab.
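The same compare-against-a-healthy-server technique, with the time and event ID filters, can be scripted. This is an added example, not part of ELC or of SolarWinds' tooling; the function name Compare-ServerErrors, the server names and the sample events are all constructed for illustration.

```powershell
# Added example: list error events seen on the sick server but not on the
# healthy one, within a time window. Function name is hypothetical.
function Compare-ServerErrors {
    param(
        [Parameter(Mandatory)] [object[]] $SickEvents,
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $HealthyEvents,
        [datetime] $Since = (Get-Date).AddHours(-1)   # mirrors the "Last Hour" filter
    )
    # Key on provider + ID: the same ID can mean different things per provider.
    $keyOf = { param($e) '{0}|{1}' -f $e.ProviderName, $e.Id }

    $healthyKeys = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($e in $HealthyEvents) {
        if ($e.TimeCreated -ge $Since) { [void]$healthyKeys.Add((& $keyOf $e)) }
    }

    $SickEvents |
        Where-Object { $_.TimeCreated -ge $Since } |
        Group-Object { & $keyOf $_ } |
        Where-Object { -not $healthyKeys.Contains($_.Name) } |   # noise common to both drops out
        ForEach-Object {
            [pscustomobject]@{
                ProviderName = $_.Group[0].ProviderName
                Id           = $_.Group[0].Id
                Count        = $_.Count
                LastSeen     = $_.Group | Sort-Object TimeCreated |
                               Select-Object -Last 1 -ExpandProperty TimeCreated
            }
        } | Sort-Object Count -Descending
}

# Constructed sample events (same property names as Get-WinEvent output).
$now = Get-Date
$sick = @(
    [pscustomobject]@{ ProviderName = 'Service Control Manager'; Id = 7031;  TimeCreated = $now.AddMinutes(-5)  }
    [pscustomobject]@{ ProviderName = 'Service Control Manager'; Id = 7031;  TimeCreated = $now.AddMinutes(-20) }
    [pscustomobject]@{ ProviderName = 'DistributedCOM';          Id = 10016; TimeCreated = $now.AddMinutes(-10) }
    [pscustomobject]@{ ProviderName = 'Service Control Manager'; Id = 7031;  TimeCreated = $now.AddHours(-3)    }
)
$healthy = @(
    [pscustomobject]@{ ProviderName = 'DistributedCOM'; Id = 10016; TimeCreated = $now.AddMinutes(-15) }
)
Compare-ServerErrors -SickEvents $sick -HealthyEvents $healthy

# Live input instead of samples (SRV-SICK / SRV-GOOD are placeholder names):
# $f = @{ LogName = 'System','Application'; Level = 2; StartTime = (Get-Date).AddHours(-1) }
# $sick    = @(Get-WinEvent -ComputerName 'SRV-SICK' -FilterHashtable $f -ErrorAction SilentlyContinue)
# $healthy = @(Get-WinEvent -ComputerName 'SRV-GOOD' -FilterHashtable $f -ErrorAction SilentlyContinue)
```

Errors that both servers log in the window are dropped, so what remains is the short list worth investigating on the sick machine.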
Appraise the Event Alerts & Silencing
In addition to creating your own filters, ELC offers a tab for suppressing Event IDs appearing in the consolidator. You could also use Event Alerts & Silencing in a positive manner by creating alerts for events under investigation.
- You do need a Windows Server to install the ELC; it won’t work on a client such as Windows 7. Alternatively, if you want to monitor Linux servers, then download a 30-day trial of SolarWinds’ sister product LEM.
- Extract the ELC zip file, and then double-click SolarWindsEventLogConsolidator.msi.
- Follow the prompts and install your Event Log Consolidator in:
C:\Program Files (x86)\SolarWinds\SolarWindsEventLogConsolidator\
- I found the only tricky part of the setup was remembering to supply the username in the format of:
YourDom\AdminTypeUser, for example: Companydomain\administrator.
- Think back to that name ‘Consolidator’: it means that you can add up to 5 servers.
Video Reviewing Event Log Management
by Brandon Shopp of SolarWinds
When I told my old friend ‘Mad’ Mick about the ELC he reminded me of a tale from his time working at a well-known pharmaceutical company. In common with most new network managers, Mick’s boss wanted to stamp his mark on the IT department. His idea of cutting down the errors on the servers was sound, but his method caused a revolt amongst the workforce. The carrot for the team was a $100 bonus per month, the stick was they lost $1 for each error in the system event log.
Despite Mick and his co-workers’ best efforts, when the new manager inspected the logs at the end of the month he found 335 errors. Worse still, the payroll was programmed to pay them basic wage + server bonus (+$100), but less the errors (-$335). Hence the techies’ revolt at an instant pay cut of $225!
I am sure that you haven’t got the boss from hell, and you will be impressed with the way SolarWinds ELC displays the Windows server logs.
My review of SolarWinds Event Log Consolidator would not be complete without a word about the Thwack forum. I discovered that if you right-click on the SolarWinds ELC icon a shortcut menu appears, from which you can select a hyperlink directly to the Thwack user forum. This is a good place to ask questions, and also to see how other techies are using ELC.
Life after ELC »» LEM (Log & Event Manager)
If you want to log more than 5 Windows servers, or you wish to monitor Linux servers then take a free trial of SolarWinds Log & Event Manager. I recommend that you use the little brother Event Log Consolidator for a week and then download LEM to maximize your time with its free 30-day trial.
There are three aspects to LEM:
a) Keeping your network running smoothly
b) Computer security
c) Compliance with industry standards.
The two extra features of Log & Event Manager are analysis of router logs, and the ability to take corrective action based on events registered in the logs.
Summary: SolarWinds Event Log Consolidator
The built-in Windows event logs contain all the information you need to understand what is happening, and what is going wrong, on your servers. The only problem is that there is so much information, and this is multiplied if you have 4 or 5 servers. The solution is to install this free utility; the keyword is Consolidator, which enables side-by-side analysis of the event logs.
Additional Free and Trial Network Software
Here are my reviews of tried and tested applications to monitor your network. Most of these utilities are free, while the others are the full program, but time restricted. SolarWinds are a great source of free specialist tools. A constant theme is a free gadget for testing, backed up with a comprehensive suite of programs for larger organizations. I like the way that big companies subsidise their smaller brethren… until they become large companies!