Filter
Top Products
Source
The source that logged the event to the Windows event log. You can
specify up to sixteen sources. Multiple sources must be separated by
commas.
EventType
The classification of the event assigned by Windows. Valid values are as
follows:
v Error
v Warning
v Information
v AuditSuccess
v AuditFailure
v Unknown
The following examples show prefiltering statements. The first statement is on
multiple lines due to space restrictions.
PreFilter:Log=Application;Source=MyApp;EventId=1000,2000, \
3000;EventType=Warning,Information;
PreFilter:Log=Security;
PreFilter:Log=Application;Source=TECWinAdapter;
Format File
The format file contains message format descriptions and their mappings to
BAROC events. The message fields of a Windows event are matched against the
format descriptions in this file and when a match succeeds, the corresponding IBM
Tivoli Enterprise Console event is generated by the adapter. The format file
contains predefined mappings for some common Windows events and can be
customized to add any new messages.
A Windows event is written to an ASCII message in the following sequence:
v The date expressed as month, day, time, and year.
v The event category, expressed as an integer.
v The event type (Error, Warning, Information, AuditSuccess, AuditFailure,
Unknown).
v The Windows security ID; any spaces in this field are replaced by an underscore
if the proper registry variable is set.
v The Windows source; any spaces in this field are replaced by an underscore if
the proper registry variable is set.
v The Windows event identifier.
v The message text.
The subfields, except the message text field, are derived from the event header in
the Windows event object. The output message after formatting is bound against a
format description. A formatted error message from the Windows service control
manager can look like the following example:
Jan 15 15:06:19 1998 0 Error N/A Service_Control_Manager 7024 \
The UPS service terminated with service-specific error 2481.
For details about format files, see “Format File” on page 17 and Appendix B,
“Format File Reference” on page 145.
116 IBM Tivoli Enterprise Console: Adapters Guide