Windows events dashboard

Monitor Windows event logs to track system and application issues that might create problems in the futureThe dashboard about Windows events displays the following information:

  • Log volume statistics from security, applications, and systems
  • Log event distribution by channel, level, computer, and provider name
  • Log volume and count by Event ID 

For instructions about creating or editing dashboards, see Configuring-dashboards-panels-and-queries. For information about dashboard concepts, see Setting-up-dashboards.

Related topics

Modifying-date-and-time-format-in-dashboards

Sharing-and-embedding-dashboards

Adding-and-configuring-a-data-source

The following image shows the analysis of the Windows event logs with sample data:

Windows_Event_Dashboard.png

For a list of icons and operations that are common across dashboards, see BMC-Helix-Dashboards-overview.

To view the dashboard

  1. From the navigation menu menu_icon.png, click Dashboards.

  2. Click the Log Analytics folder and then click Windows events.

    Tip: Quick access from the home page

    To quickly open the dashboard from the home page, mark it as a favorite by using the star icon. Additionally, after you open a dashboard, it is available under Recently viewed dashboards on the home page.

Panels in the Windows events dashboard

The following table describes the panels in the Windows events dashboard:

Panel

Description

Example

Dashboard filters

Displays the following filters to view information on the dashboard:

  • Channel
  • Computer
  • Level
  • Provider Name
  • Event ID

Provider Name is the container or task name of the source where the Windows events have occurred. 

By default, the dashboard displays the data for the last 24 hours. You can filter the data by using the time range global filter.

Filters_Windows_Event_Dashboard.png

Log volume statistics

Displays total collected log volume and log volumes for:

  • Security
  • Applications
  • Systems

LogVolStats_Windows_Event_Dashboard.png

Log event distribution by Channel

Displays the percentage of logs collected from various channels (Security, Applications, and Systems).

ByChannel_Windows_Event_Dashboard.png

Log event distribution by Level

Displays the percentage of logs collected for each log level (Information, Warning, and Error).

ByLevel_Windows_Event_Dashboard.png

Log event distribution by Computer

Displays the top 5 computers from where you are collecting Windows events.

ByComputer_Windows_Event_Dashboard.png

Log event distribution by Provider Name

Displays the number of events collected for each provider name.

ByProvierName_Windows_Event_Dashboard.png

Log event distribution volume by Event ID

Displays the log volume collected for each Event ID.

Vol_byEventID_Windows_Event_Dashboard.png

Log event distribution count by Event ID

Displays the number of events collected for each Event ID.

Count_ByEventID_Windows_Event_Dashboard.png

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*