Server monitoring is now easier with


    Hi Habr! A few years ago, we encountered a problem that was probably familiar to most companies doing business on the Internet - how to effectively monitor servers and eliminate unexpected outages as much as possible?

    Servers running Windows Server have a very effective source of information about the operation of the system, event logs (Window Event Logs). There you can find almost everything, reports on problems of reading / writing hard drives before trying to select passwords through external services. However, the event log interface does not provide convenient remote connectivity. Most system administrators have to log into each server individually and rummage through the thousands of events that the system generates every few hours.

    Software solutions that make the work of the system administrator a little easier and collect all the necessary data on one screen are very expensive. For example, a set of log monitoring tools from costs from $ 2500.

    A couple of years ago, we developed for our internal use a small service that collected data from their event logs and sent everything to a single database. From there, all this was displayed on the administrative page and a review of what happened since the last check began to take only a few minutes a day.
    It was quickly discovered that the service needed to be improved, add filters to hide events that are not important and create an alert service to be able to quickly inform administrators when critical events began to appear in the log.

    So our project was born - Free service for monitoring event logs on Windows servers.

    In the past Christmas and New Year holidays, we launched a public version of our service that allows you to monitor up to three servers for free. In the next few weeks we will add the option of paying via PayPal and if you have more than three servers, you can subscribe to one of our low-cost service packages and we can easily control all your servers from one screen and in a format convenient for you .


    How it works?

    Windows does not provide built-in capabilities to access event logs remotely. Therefore, we developed a small system service that checks logs every few minutes and sends new entries to WinLogViewer. All you need to get started with our service is to register, create accounts for each of your servers and download our application - WinLogViewer Monitoring Agent. It is generated automatically for each of your servers, so for work you do not have to enter any settings, just make the installation.



    Of course, we understand that administrators are wary of everything that requires running on a corporate server, but we have nothing to hide. Our Monitoring Agent is written in C # .net and we will be happy to provide its source code for everyone interested in the integration of our product to legal entities. Your specialist will be able to verify that there are no spyware or malware modules in the code, compile and install the agent on your servers. For this you need to contact us, sign a non-disclosure agreement and download the source code.

    Your data is stored on our servers in the USA and the Netherlands in encrypted form. Access to them is available only to registered users of your organization.


    Once you have configured your servers to work with WinLogViewer and started receiving hundreds of event log entries, it's time to set up filters to filter out events that do not require your attention. It is extremely simple to do this, in each log there is an option to add a filter where you can filter out events that contain or do not contain a keyword. To simplify the creation of filters, we added the [Filter out like this] button to each event in the logs, this allows you to clear the logs from informational debris within a couple of minutes and draw attention to real problems.

    You can create filters and make them available to your colleagues, this greatly simplifies the creation of individual settings for each user.



    With WinLogViewer, monitoring logs has become much easier, but it is certainly better if the service itself will notify you if suddenly events appear in the system that require immediate attention. To do this, we created the Alerts Service which monitors incoming events and notifies the specified persons when certain keywords appear in the records. Configuring alerts as well as filters is available in each log and by creating one setting you can apply it to all other servers and their logs. As recipients, you can choose both registered users in the service, and just an email address. Thus, you can easily configure sending reports to people who are responsible for certain projects or network sections.


    Scheduled Reports

    Do you want WinLogViewer to report what happened on your servers while you were sleeping? Nothing is easier! Create a scheduled newsletter (Scheduled Reports), specify the time when it is convenient for you to receive them and specify the keywords that you need to monitor. For example, every morning, a report for the last 24 hours on topics of interest to you will be waiting for you in your inbox.

    Other goodies

    Of course you can create accounts for your colleagues and give them read-only access to logs or full administrator rights.

    Under each event you will find the [Email] button to send event details to your colleagues.

    We recently added a search to all event logs, which makes finding specific events even easier.

    Future plans

    In the coming weeks we will add the ability to pay for our services through PayPal. This will allow you to connect the SMS alert service and buy the necessary amount of credits for messages.

    In the debugging stage, there is a corporate version of our service that can be purchased and installed in a closed network. If your organization is interested in the internal integration of WinLogViewer, contact us. For several pilot plants, we will offer good discounts and convenient technical support.

    We are interested in developing event monitoring modules for unix systems. If you have programming experience in this area and want to participate in development, contact us.

    We hope you find our service useful and I will be happy to answer your questions.

    Use for

    Update: For unknown reasons, some letters sent to do not reach the addressee. If you registered and did not receive an email confirmation email, please contact us at and we will quickly activate your account.

    Also popular now: