Windows Event Log Monitor

Windows Event Log Monitor works with .NET Agent Extension Manager to capture and report specific windows events.

Contents

Windows Event Log monitor require extension.xml and WindowsEventMonitor.dll file to be placed in a new folder under <Extension Manager Root Directory>/Extensions

Prerequisites

  • .NET Agent Extension Manager
  • The AppDynamics .NET Agent
  • .NET 4.0 or later

Installation

Download, unzip and copy extension.xml and WindowsEventMonitor.dll in a new folder under Extensions directory of .Net Extension Manager. Please refer to the next section for detailed steps.

Getting Started

  1. Create a new folder under Extension Manager root directory. We can name it according to type of events we want to capture like IISEventMonitor or simply WindowsEventMonitor
  1. Copy extension.xml to this folder.
  1. Edit extension.xml to provide controller details and target specific events.
    • Change the name of extension if required. (It will take the folder name if we leave it blank.)
      <extension type="Event" name="WindowsEventLogMonitor" enabled="true">
      
    • Provide controller user credentials. These are required for publishing custom events to the controller. For single-tenant controllers, use "customer1" for the account. Controller host/port are read from the Agent Configuration file (config.xml).
      <controller-info user="username" account="customer1" password="password" />
      
    • Associate event to any business transaction, node or tier. This is optional and if we leave these commented then the event will be associated with application only.
        <controller-event-properties>
          <add key="bt" value="/MyBT.aspx"></add>
          <add key="node" value="MyNodeName"></add>
          <add key="tier" value="MyTier"></add>
        </controller-event-properties>
      
      NOTE: The node, BT, and Tier names must match an existing Tier/Node/BT exactly, or an error will be generated and event will not be registered. Also valid property combination are : Only Tier, BT+Tier, Node+Tier, BT+Node+Tier.
    • Specify filters to target any event(s) using following parameters:
      • EventLogPath: Possible values are Application or System or Setup, etc . It is required and we can not remove this parameter.
      • EventSources: We can provide any event source. Multiple values can be provided as comma separated strings. If we leave it empty it will report all event sources.
      • EventID: We can provide any event Id. Multiple values can be provided as comma separated strings. If we leave it empty it will report all event id.
      • EventLogEntryType: Possible values are Error, Information or Warning. If we leave it empty it will report all event types.
      • EventLogMessageContains: We can provide any strings to be matched in event message. Multiple values can be provided as comma separated strings. This parameter can be left empty or commented.
  1. Save the file and launch Extension Manager UI. We should be able to see WindowsEventMonitor extension listed under "List of extensions loaded"
  1. Start Extension Service, if it was stopped or Restart for the changes to take effect.
    • We will see new custom events sent to the controller. We should be able to view link to Custom Events on Application Dashboard. For more details https://docs.appdynamics.com/21.10/en/appdynamics-essentials/monitor-events.

Troubleshooting

If you're not seeing events reported to the controller, check to make sure the controller credentials are correct and try removing node/tier or BT mapping if added. If this doesn't help, check the Logs folder for any errors.

Upgrade

  1. Upgrade to latest version of extension manager.
  2. Copy new extension.xml and make appropriate changes.
  3. Start Extension Service to use latest version.

Release Notes

2.0.0
  1. Support for non-classic event sources.
  2. Make event source filter optional to capture all events.

Notice and Disclaimer

All Extensions published by AppDynamics are governed by the Apache License v2 and are excluded from the definition of covered software under any agreement between AppDynamics and the User governing AppDynamics Pro Edition, Test & Dev Edition, or any other Editions.

View code on GitHub
  • Owner

  • Contributors

    +2Github contributors
  • Categories

  • Products

    AppDynamics
  • Programming Languages

    C#
  • License

    Apache License 2.0

Code Exchange Community

Get help, share code, and collaborate with other developers in the Code Exchange community.View Community
Disclaimer:
Cisco provides Code Exchange for convenience and informational purposes only, with no support of any kind. This page contains information and links from third-party websites that are governed by their own separate terms. Reference to a project or contributor on this page does not imply any affiliation with or endorsement by Cisco.