How to collect security logs from Windows operating systems and store them for later analysis and reporting with Systems Center Operations Manager (SCOM).

We are having issues retrieving event log files from server event viewers to store in Systems Center Operations Manager (SCOM). The events that are showing are from Operations Manager log file. Is there a management pack that will allow us to view other events from system, application, & security log files? Or is there another way to store these records in SCOM?

vhabalnortolAsked:
Who is Participating?
 
Wonko_the_SaneConnect With a Mentor Commented:
You can do this in SCOM, of course.
Just create a custom rule (Authoring tab in SCOM console), make it an Event Collection, and define the criteria so it catches the events you want in the database, e.g. Log name, Event ID, etc.

0
 
ggefterCommented:
i know that you can save the events as a file for viewing later. You might be able to import them depending on the format nesesary for the import. They can be saved as .txt, .xml, .csv or as a file to be viewed in the event viewer of any windows pc, but i forget the ext that goes with that.
0
 
SysExpertCommented:
I agree. You can use event viewer to access any machine to see and save logs.
 See what formats SCOM can import.

I hope this helps !
0
All Courses

From novice to tech pro — start learning today.