Monilog Client Main - Report Options
Report Type
The type of the report that should be generated, can be chosen from this list. For an ad hoc report, the available types are:
| 1. | From the last 'X' hours
|
| 2. | From DateBegin to DateEnd
|
| 3. | From last run until now
|
| 4. | From today
|
From the last 'X' hours - MoniLog will analyze all logs including the events reported since 'X' hours ago. 'X' hours is the number entered at the 'X' Hours Option.
From DateBegin to DateEnd - MoniLog will analyze all logs including the events reported from a beginning date specified at the "DateBegin" option until an ending date specified at the "Date End" option.
From last run until now - MoniLog will analyze all logs since its last run.
From Today - MoniLog will analyze all logs created since 00:00 of the current day.
'X' Hours
If the report type is set to "From the last 'X' hours" then this option is enabled. It specifies the number of hours for which the report is generated.
Date Begin
If the report type is set to "From DateBegin to DateEnd" then this option is enabled. It specifies the report begin date.
Date End
If the report type is set to "From DateBegin to DateEnd" then this option is enabled. It specifies the report end date.
Included Keywords
Included Keyword(s) are the keywords that if an event contains any of them it will be displayed regardless of the exclude keywords or excluded event types. The Syntax is "Syntax: keyword1,keyword2, ..." (without quotes). An example is:
administrator,failed
Excluded Event ID-Keyword
The events that have this "keyword" in their description won't be included to the report and this option is used to filter Windows Event messages. The combination "event-keyword" is used in order to have more granularity. The Syntax is "Syntax: EventID1-Keyword1,EventID2-Keyword2" (without quotes). An example is:
578 - seincreasebasepriorityprivilege
Note: the "Include Keywords" has precedence over the "exclude".
Excluded Keyword for non windows events [Keyword1, Keyword2, ...]
The events that have this "keyword" in their description won't be included to the report and used to filter NON Windows Event messages. The Syntax is "Syntax: Keyword1,Keyword2, ..." (without quotes). An example is:
computer01,net-snmp
Failure Audit
If checked, the Failure Audit events will be included in the report, else they won't be.
Success Audit
If checked, the Success Audit events will be included in the report, else they won't be.
Warnings
If checked, the Warning events will be included in the report, else they won't be.
Errors
If checked, the Error events will be included in the report, else they won't be.
Information
If checked, the Information events will be included in the report, else they won't be.