Support User Manuals

IBM Enterprise Console Network Router User Manual

Open as PDF

of 194

Chapter 10. Windows Event Log Adapter

The adapter for the Microsoft Windows event log forwards events from a Windows

system to the event server. It is registered with the start-up configuration of

Windows 2000 or Windows NT so that the adapter is started with all the other

applications that are automatically started when Windows is started.

The adapter is a WIN32 process that reads events generated on a Windows 2000 or

Windows NT system, formats them according to the specification in the format

file, and forwards them using Winsock TCP/IP to an event server for further

processing.

Events are gathered from up to six Windows event logs (System, Application,

Security, DNS server, File Replication service, and Directory service) maintained by

the Windows Event Manager, and from any other ASCII log files residing on the

Windows 2000 or Windows NT system. The Windows event log adapter tracks the

messages read from the Windows event logs using up to six registry variables that

contain the most recent highest message read for the System, Application, Security,

DNS server, File Replication service, and Directory service logs, whether the

Windows event log adapter is running continuously or is restarted. You can alter

this behavior using the appropriate switches when the Windows event log adapter

is started.

Two versions of the Windows event log adapter are provided. One is built as a

Windows service, while the other is a WIN32 process that is a command line

interface version. Normally, you should run the Windows service version, since it

runs even when no user is logged in. The command line interface can be used to

help you view console messages for diagnostic purposes. Other than the

service-related differences, both versions perform identically.

This chapter describes how to configure and start the Windows event log adapter.

Adapter Files

The Windows event log adapter package consists of the following files:

README The readme file.

tecinstl_win.cmd

The adapter installation batch file.

instlsrv.exe The adapter installation assist executable file.

tecadwins.exe

The adapter service executable file.

tecad_win.exe

The adapter non-service executable file.

tecad_win.conf

The configuration file.

tecad_win.fmt

The format file.

tecad_win.cds The class definition statement (CDS) file.

© Copyright IBM Corp. 2002 111

previous next