This tab is used to configure the logging to the Windows NT / 2000 or XP event log. It is primarily included for legacy purposes.
Event Logging Options
Use logsource from service
Takes the service name as logsource for the log entry. This option is enabled by default.
If checked, a special mapping mechanism is activated. In this mode, the Windows event source is set to the IP address of the system sending the Syslog message. In addition, the ID is set to Syslog facility. This mode helps to quickly gather information about the system state in Windows event viewer.
However, this mode has its drawbacks. Effectively, we are writing invalid event source information to the event log. This does not harm any application, but Windows event viewer will try to locate the matching message libraries. Of course, this is impossible. As such, event viewer will warn the user that the message library could not be found. Nevertheless, it will display the complete logged message. This happens only in detail view.
Users should fully understand the implications of this mapping mechanism for their environment before turning this option on.
Custom Event Source
EventSource is now fully configurable with all posibilities the property engine gives you. Please note that content of this field can be configured. Event properties are described in the property replacer section.
Use custom Eventlog Type
The type – or severity – this log entry is written with. Select from the available Windows system values.
The ID to be used when writing to the event log. Different IDs can be used to provide other processes with a consistent interface to specific messages. WinSyslog does not restrict the IDs that can be used. However, if an ID is written that is not registered with the operating system, Windows event viewer places an error message pointing this out before the actual message text. To avoid this text, event IDs 10,000 to 10,100 have been registered with the OS. We highly recommend that these IDs should be used for all custom messages. IDs below 10,000 should not be used as they might potentially interfere with events generated by MonitorWare Agent 3.0 itself.
Message to Log
It is the message which will be logged into the Windows event log. It is fully configurable what is logged into the Eventlog.
Please note that Insert Menu entry allows you to add replacement characters e.g. %msg% - you can write the actual message of an event into the Windows event log.
Please note that The message content of the message field can be configured. Event properties are described in the property replacer section.