Event log model list

The List node displays the list of event log models which are currently defined and are located on the local client. It does not include any models which are in any status of waiting to be assigned to the client.

Parameter

Description

Model Name

The fields of this column list the names of all event models which currently exist in CM . This can either be the name of the model for any predefined models such as the Web History Monitor, or the name of a custom defined model such as a performance counter plus its checksum, for example, Memory_12458942348662.

Category

Provides the category to which the respective model belongs which can be a value such as Resource Monitor or Software Distribution.

Model Note

These fields provide a short description on what the respective model logs.

Activation

The values in these fields define if the respective model is activated, that is, if it stores the generated events. Possible values are Yes for events that are stored on local level and then can be uploaded to the master database, and No , the model is not activated and events will be deleted right after being generated.

Available event log models

The table displays different information depending on the selected event log model. Depending on the currently selected object type, some or all of these models might be available:

Alert & Event

The Alert & Event model logs agent operation events, such as events and alerts generated by operational rules, by the inventory module, security alerts, and so on. It shows the following information for each event:

Parameter

Description

Event Date

The date and time the alert occurred in the default time format.

Device Name

This column is not displayed under the Alerts and Events of a device.

Status

Displays the current status of the event.

  • Acknowledged Alert : The administrator received the alert notification and has already acknowledged it.
  • Unacknowledged Alert : The administrator received the alert notification but has not yet acknowledged it.
  • Notified Alert : The alert notification was sent but the alert has not yet been acknowledged.
  • Unnotified Alert : An alert occurred but its notification has not yet been sent.
  • Closed : The problem that caused the alert was resolved and the alert is now closed.

Severity

Defines the severity of the selected alert, Error, Information or Warning .

Category

Defines the type of event that is being logged.

Sub-category

The alert sub-category to which the alert/event was assigned. This value can be freely defined by the administrator.

Description

Displays the textual description of the alert/event.

Shared

Indicates if this alert is shared with other applications such as BMC Remedyforce or BMC FootPrints Service Core via the external integration. It only appears after the ticket was actually created in the target integration.

Acknowledged by

The name of the administrator who acknowledged the event.

Last Modified By

Displays the name of either the last person that last modified the object or its contents, such as the administrator, or it may be the system that last executed any modifications.

Notes

This free text field can contain additional information concerning the selected object.

Monitored Applications

Logs an event for each application that is monitored.

Parameter

Description

Event Date

The date and time at which the event about the monitored application was logged by the local agent.

Application Name

The name of the monitored application.

Application Version

The version number of the monitored application.

Start Time

The date and time at which the application was started on the local client.

End Time

The date and time at which it was closed again.

Duration (sec)

The time the application was running on the local device in seconds.

Connected User Name

This field displays the name of the user that was connected at the time when the application was launched.

Domain

The name of the domain of the connected user. If the network does not have domains the device name will be displayed here.

Prohibited Application

Logs an event for each prohibited application which was found in the network.

Parameter

Description

Event Date

The date and time at which the event about the prohibited application was logged by the local agent.

Application Name

The name of the prohibited application.

Application Version

The version number of the prohibited application.

Detection Time

The date and time at which the application was found to have started and was stopped on the local client.

Connected User Name

This field displays the name of the user that was connected at the time when the application was launched.

Domain

The name of the domain of the connected user. If the network does not have domains, the device name will be displayed here.

Protected Application

Logs an event for each protected application which was repaired in the network.

Parameter

Description

Event Date

The date and time at which the event about the protected application was logged by the local agent.

Application Name

The name of the protected application.

Application Version

The version number of the protected application.

Fixing Time

The date and time at which the application was repaired on the local client.

Fixed File

The name of the file that was repaired.

Connected User Name

This field displays the name of the user that was connected at the time when the application was repaired.

Domain

The name of the domain of the connected user. If the network does not have domains, the device name will be displayed here.

Software Installations

Logs an event for all successfully executed software distributions:

Parameter

Description

Event Date

The date and time at which the event about the successfully installed software was logged by the local agent.

Operational Rule Name

The name of the operational rule that was distributed and installed on the target devices and its status.

Package Type

The type of package, that is, if it is a custom, MSI, RPM or snapshot package.

Compressed Package Size (MB)

The size of the package.

Status

The final installation status of the package.

Power Management

Logs an event for each energy state change of a device:

Parameter

Description

Event Date

The date and time at which the event about the energy state change was logged by the local agent.

Type

This column displays the type of power event, for example, Sleep , if the monitor turned into sleep mode, Login , if login information were entered to unlock the screen saver, and so on.

Windows Devices

Logs an event for each disabled Windows device:

Parameter

Description

Event Date

The date and time at which the event about the printer monitor was logged by the local agent.

Operation

This column shows the type of operation that was executed on the connected device,that is, Authorized if the device was allowed to connect or Forbidden otherwise. Each operation for the same key is only listed once and will be updated if a status change occurs, that is, if a forbidden USB key tries to connect several times, only the first connection trial will be logged as the event. If this key is then allowed to connect and tries again, this time successfully, the logged event is updated.

Class Type

This field defines for which type of peripheral device the step is to be defined, for example, USB HUB, USB Scanners, USB Storage Devices, and so on.

Description

This field contains the name of the concerned peripheral device.

Connected User Name

This field displays the name of the user that was connected at the time when the event occurred.

Domain

The name of the domain of the connected user. If the network does not have domains, the device name will be displayed here.

Was this page helpful? Yes No Submitting... Thank you

Comments