4 Replies Latest reply on May 18, 2018 12:59 PM by Brendan Murray

    Windows Event log monitoring issue

    Abhay Bhagat

      Dear Experts

       

      I configured windows event log monitoring policy but i could get any event for same , Please reiew the below screenshot and suggest where i am missing

       

       

       

       

       

       

       

        • 1. Re: Windows Event log monitoring issue
          Betty Neumann

          Hi Abhay, If you were not able to find a way to make this work, please do open a case with Support and the team will assist you with this issue.

           

          Thanks

          Betty Neumann

          • 2. Re: Windows Event log monitoring issue
            Abhay Bhagat

            Thanks Betty for your response,

             

            I updated the values with Event Source and Event id details  and it worked ,

             

            I guess regex was havng some issue  or * does not work  in the configuration .

             

            Will investigate later . Currently it solved the requirements .

             

            Regards

            Abhay

            • 3. Re: Windows Event log monitoring issue
              Betty Neumann

              Thanks for the update Abhay, I am glad you were able to get it working! That's always great news.

              • 4. Re: Windows Event log monitoring issue
                Brendan Murray

                Hi Abhay,

                 

                I can't say for certain what was causing your problem but, based on your screen shot, it looks like you are putting * by itself in the Event Sources and Event IDs fields. Assuming those fields accept regular expressions, * by itself would not work because it is not a valid regular expression. In regular expressions, * is what's known as a quantifier. It matches zero or more occurrences of the expression preceding it. If your intent was to match anything, the correct expression is .* (dot star). In regular expressions, the dot matches any character. When combined with *, it means match zero or more occurrences of any character--in other words, match everything.

                 

                In some contexts, * on its own is a wildcard character. In regular expressions, * needs something in front of it to be meaningful.

                 

                Regards,

                 

                Brendan