DX Infrastructure Management

Expand all | Collapse all

security ntevl monitoring

Jump to Best Answer
  • 1.  security ntevl monitoring

    Posted 08-14-2017 12:44 PM

    Hi All,

    We are using ntevl probe  to monitor the security log for type:10 interactive logins. The probe alerts fine on the expression trigger. But we are trying to get a daily list of all the interactive logins that occur in a report format.  When you set QOS you only get a number of times its occured. How do you get the user names to be stored so this information can be reported on?

     

    TIA



  • 2.  Re: security ntevl monitoring
    Best Answer

    Posted 08-14-2017 12:48 PM

    I do not believe this would be possible as QOS messages are stored as numeric information in the database.

    There would have to be an ER to add the ability to store none numeric information with QOS



  • 3.  Re: security ntevl monitoring

    Posted 08-15-2017 11:17 PM

    Hi Gene,

    I understand that the database only stores metrics. But what alternative method(s) could be used to take the event and store it for reporting on.  Say like  some way to use NAS to forward these events to a file that will record the events?  Anybody out there have a solution they have already worked out that doesn’t require waiting indefinitely for an ER.

     

    Patrick



  • 4.  Re: security ntevl monitoring

    Posted 08-16-2017 09:12 AM

    Just thinking aloud, how about to have the ntevl trigger a script/command to write the contents to a file.



  • 5.  Re: security ntevl monitoring

    Posted 08-16-2017 09:25 AM

    Yeah, I was thinking like something along those lines but I didnt know how effecient it would be. Sounds like it may be resource intensive. Anyone else with an better alternative?  The event logging database stores text events from UIM event logging. Could ntevl events be channeled over there as well and stored in that database?

     

     

     

    Sent from my T-Mobile 4G LTE Device