ELM Enterprise Manager collects all your events, application logs, Syslog, SNMP and performance data and standardizes it into a Windows Event format allowing you to streamline your operations and create real-time alerts. This collection is accomplished utilizing a variety of different monitoring features listed below.
Event and Log Management Features
Real-time event collection from any Windows event log with full message details.
Event Collector Details
The Event Collector monitors all Windows event logs. When an event matching a specified filter is determined it is transferred to the ELM Server and then stored in the database.
ELM will run queries against the database to populate Event Views and trigger notifications as well as generate reports.
Unlike some event log products, ELM provides the ability to collect ALL events by default, and filter them down accordingly for your specific needs.
Securely moves and clears native .evtx files off host machines.
Event File Collector Details
Event File Collectors do just that – collect raw .evtx logs on Windows desktop and server operating systems. You can specify which logs to collect, and optionally clear the Event Logs at each collection interval. Collected .evtx files can be compressed and signed if a signing certificate is available.
The Event File Collector operates at a scheduled interval you determine. At each interval, the Event File Collector will attempt to talk with the Log service, select the appropriate log files and then copy the specified Event Log Files from the assigned Agents to a defined storage location.
The files are be stored by default on the ELM Server in a sub folder.
Determines if specified events have NOT been written within a given time period.
Event Monitor Details
The Event Monitor compares new events against a set of Include and Exclude Event Filters. If an event matches or fails to match these criteria within the specified interval, a local Action is executed under the local administrator account.
Actions include writing an event to the database when an event is found, or not found, so that the occurrence can be queried against for a view or to trigger a notification.
A command script can also be launched to perform a corrective action.
Receives Syslog Messages from Linux/UNIX systems and network devices.
Syslog Receiver Details
The Syslog Receiver is configured to process and parse Syslog messages from network devices and Linux/UNIX systems. Supporting both UDP and TCP, these messages are converted to the standard Windows event log format.
Like Windows events, they are stored in the database and queried against to create concise views and trigger alerts or notifications.
The Syslog Receiver is a valuable tool for supporting firewalls and the security of Windows networks.
Queries SNMP Object IDs and compares result to expected values.
SNMP Monitor Details
The SNMP Monitor includes a MIB browser that queries a SNMP Object ID (OID) and triggers an Action if the value is greater than, less than, or equal to a specified value for warnings, success, or failure.
Events generated can be written to the ELM database or to an Application log.
It extends the status monitoring of ELM beyond Windows systems and into SNMP supported network devices.
Detects changes in OS versions, new and existing applications, and installed hardware.
Inventory Collector Details
The Inventory Collector gathers data about what is installed on each Windows-based system. You can collect data on the Windows operating systems, installed services, and applications that have been installed and added to the Programs and Features applet in the Windows Control Panel.
The Inventory Collector also allows you the flexibility to add specific services to the Inventory or exclude certain products (by default all products are included in the inventory).
Tests performance objects/counter/instances against target results using >,=, or < operators.
Performance Monitor Details
Performance Monitors can be used to monitor any published performance counter for a condition that is greater than, less than or equal to a threshold value you determine for the specified duration that is appropriate for your server’s function.
By using Performance Alarms, you can be alerted when disk space, memory or CPU has reached unexpected or out-of-bound levels.
Scheduled collection of any Windows published performance counter/object/instance.
Performance Collector Details
The Performance Collector supports proactive system management and resource monitoring by passing collected data to the Dashboard and comparing against pre-determined thresholds for bottleneck status displays. Any published performance objects, counters and/or instances can be collected at a set frequency on a scheduled basis.
Detects new processes, failed processes and monitors CPU thresholds.
Process Monitor Details
The Process Monitor provides a comprehensive view of a system’s process activity. The Process Monitor is multi-functional; it can notify you when a process has exceeded the threshold of CPU usage you specify and it can track when processes are started or terminated.
It can also generate a Warning or Error when the number of instances of a process exceeds your specified value.
Monitors for changes in service states from Running, Paused, and Stopped.
Service Monitor Details
The Service Monitor detects and responds to changes to the service status. It monitors changes into the conditions:
It is commonly used with the Command Script notification to restart a failed service. Alerts can be triggers that confirm a service has stopped and was successfully restarted. This empowers administrators to combine monitoring with automated corrective actions.
Queries the Windows Management Instrumentation namespaces for results change.
More WMI Monitor Details
If you are using Windows Management Instrumentation (WMI) — the Microsoft implementation of Web-Based Enterprise Management (WBEM) — you can use WMI Monitors to query a WMI namespace and database.
The WMI Monitor queries the WMI namespace (typically rootcimv2) and generates Events when the results of the query change that you can be notified on. Common applications include detection of new external drives and file changes.
It’s a powerful tool for expanding the data sources available to identify system changes or activities.
Executes a connection to a specified TCP port and evaluates availability and quality of service.
TCP Port Monitoring Details
The TCP Port Monitor allows you to monitor virtually any TCP Port. The ELM Server (not an Agent) makes the actual connection to the port, allowing you to monitor TCP port availability on any operating system.
And more provided that you have TCP/IP connectivity to that system from the ELM Server. Each TCP Port Monitor can poll a single port and you can have numerous TCP Port Monitors enabled.
It evaluates the port’s availability and Quality of Service. Different actions can be triggered if it succeeds, fails, or the response time is slower than expected.
Executes a connection to a FTP site and evaluates availability and quality of service.
FTP Monitor Details
The FTP Monitor item monitors the status and availability of an FTP site – any valid and accessible FTP server on your network.
An application-layer FTP connection to the FTP Server is made at your specified interval and anonymous or authenticated connections are supported. By default, port 21 is used, but the Monitor can be configured to use any port.
Because the ELM Server (not an Agent) makes the FTP connection, you can monitor FTP server availability and Quality of Service (QOS) on any operating system running FTP server software such as Unix, Linux, Novell, Solaris, etc.
Monitors SSL Certificate for expiration and 9 different status changes.
Web Page Monitor Details
Web Page Monitors are used to monitor HTTP or HTTPS URLs. The ELM Server periodically establishes an HTTP connection to the server and port specified. If the response is negative, slower than expected, or if the content has been changed, a variety of notification options can be triggered.
Note that multiple Web Page Monitors can be assigned to the ELM Server or to Service Agents. This means you can create Web Page Monitors independent of the number of Agent licenses you have purchased.
Connects to the ELM Agent listening port and restarts an Agent if non-responsive.
Agent Monitor Details
The Agent Monitor performs periodic checks on ELM Service Agents. ELM is able to check on it’s own Agents reporting back. If communication fails unexpectedly they can automatically cycle themselves. If the Service Agent does not respond or is slow responding, notifications can be triggered to carry out corrective actions.
Schedules a “Heartbeat Event” for Point-to-Point Verification.
Event Writer Details
The Event Writer is designed to ensure events are being collected and the monitored system is sending events to the ELM Server. This type of point-to-point verification goes beyond a simple Ping and ensures that the system is actually reporting as expected.
At the Agent level, the Event Writer publishes a pre-configured event on a schedule into the local Application Event Log. ELM can be configured to look for this event, ensuring events are being collected and the system is functioning correctly. This fault tolerance feature tests the entire loop from event generation, to collection to filtering and notification.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.