EventMeister 3.0
Pros: Inexpensive; plentiful export options; alerting capabilities
Cons: Can’t open EVT or EVTX files directly
Rating: 4 out of 5 stars
Price: Starts at $129.99 for a single license, which entitles you to monitor an unlimited number of workstations and servers.
Recommendation: If you're not bothered by the inability to directly open EVT and EVTX files directly, EventMeister is a powerful and effective log manager you might like. Contact: Technology Lighthouse • 44-0-141-891-5884 |
EventMeister 3.0
Technology Lighthouse's EventMeister (see Figure 4) lets you set up a service to collect data when no user is logged in. Before viewing any log file data, you set up an Event Log Feed, which gathers events from the computers you want to monitor into one ongoing feed. You choose which event logs to include, how you want event information to be gathered, and how often to poll and update the feed with new data.
EventMeister uses either a “Read from log” option, which generates the feed by capturing all events from the log, including those stored before the application was installed; or it uses a “Catch events” option to capture new events, omitting older events. You can add new feeds from other computers to an existing group or create a new group and populate that with new feeds.
After the feed is created, the event log you chose is automatically downloaded. You can see a list of each event including such fields as type, date, and category.
You can also create a feed by opening a CSV file. This is a useful option if you already have several feeds exported and saved into one single CSV file. However, there’s no way to open an EVT or EVTX file directly. For this option to work, you’d have to save your event logs as CSV files directly from Windows’ Event Viewer.
You can sort by clicking on any heading, and and you can show or hide any column to limit the information displayed. You filter the data in a feed by adding a field on which to filter the data and manually typing in a value. You can also apply conditions such as equal, greater than, or begin or end with a particular value, offering you a great deal of flexibility. Searching for an event is simple: You enter a text string or numeric ID to find a specific event or event type.
Export options are plentiful. You can export a feed to an HTML document, choosing from among six different template formats. You can also export a feed to other formats, including CSV and XML. I found the custom report creation was smooth and easy to use.
EventMeister can notify you via email or PC if a certain event is triggered. You can set criteria so that a notification is sent under specific conditions.
Corner Bowl Log Manager 2009
Pros: Smooth management of multiple computers; slick use of Active Directory for adding computers
Cons: Main UI too crowded and cluttered; dialog boxes sometimes confusing. The report generation tool was difficult to use.
Rating: 3 out of 5 stars
Price: Starts at $129 to monitor up to 20 computers (but can’t be installed on a server); $259 and up to monitor more computers and install on servers
Recommendation: Corner Bowl Log Manager is an inexpensive yet powerful and robust log manager. Contact: Corner Bowl Software • 866-501-8670 |
Corner Bowl Log Manager 2009
Corner Bowl Log Manager 2009 (see Figure 5) offers both event log and text log management. A dashboard alerts you to the status of the CBLM service, shows which log events were last polled, and displays pie charts of computer logs. I found the Dashboard cluttered with information that I didn’t yet need, especially when opening the program the first time.
The Network Explorer panel displays a treeview of your local machine with branches for each log. To see the events, you access a pane at the bottom of the main screen. You can also trigger a manual download by selecting the Download Events command. This process felt awkward at first, but it worked successfully.
Each event appeared in a separate row in the center pane. Clicking a specific event revealed all its details crowded into a small window. Overall, I found the event window poorly designed and difficult to work with.
To add new computer logs to manage, you can run a wizard or you can open the Event Log Explorer pane, browse your local network, then select the computers and logs to download. I found this a smooth process. A creative option lets you automate the adding of new computers through Active Directory.
Before opening your event logs, CBLM gives you a quick filtering window, so you can open all events or only specific ones. To organize your various log files, you create groups, a convenient way to manage them.
You can quickly sort the event list by clicking a specific header or you can group events by dragging column headings. To do quick filtering, you use the event type’s toolbar button or configure more advanced filtering. As for search, you can run a simple search on your list of events by running the Find command and entering a text string to locate.
You can back up and save a log in CSV, EVT, text, HTML, or XML. You can also directly open an EVT (but not EVTX) file.
I found the report generation tool confusing. Before you set up a report, you create an Action, which specifies the output or destination of the report. Then you can generate a report by running a wizard. You specify the type of report, the name, its frequency, the computer or computers and logs to include, filters to use, and finally the action to apply.
Easy Log Management
Even with the newer event filtering and search options available in Server 2008, event log managers offer many benefits over Windows’ Event Viewer. Whether you choose one of the above or an equally worthy solution, log managers offer flexibility and time-saving features that will simplify your job.