{"id":7230,"date":"2021-03-25T10:04:41","date_gmt":"2021-03-25T15:04:41","guid":{"rendered":"https:\/\/www.poweradmin.com\/blog\/?p=7230"},"modified":"2020-10-27T13:12:08","modified_gmt":"2020-10-27T18:12:08","slug":"which-event-log-events-should-you-worry-about","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/which-event-log-events-should-you-worry-about\/","title":{"rendered":"Which Event Log Events Should You Worry About?"},"content":{"rendered":"<p>When you are configuring your <a href=\"https:\/\/www.poweradmin.com\/help\/pa-server-monitor-8-2\/monitor_event_log.aspx\">event log monitor<\/a> settings, you need to decide which event log events you need to worry about. Event logs are generated for a wide array of processes, applications, and events. Logs will record both successes and failures. As such, you need to decide what data is most vital and needs your immediate attention.<\/p>\n<h2><strong>Types of Event Logs<\/strong><\/h2>\n<p>There are several types of event logs you can monitor, including:<\/p>\n<ul>\n<li>\n<h3><strong>Application Log<\/strong><\/h3>\n<p>\u2013 This event log collects data from your applications.<\/p><\/li>\n<li>\n<h3><strong>Security Log<\/strong><\/h3>\n<p>\u2013 Any security-related issue will be tracked in this event log.<\/p><\/li>\n<li>\n<h3><strong>File Replication Log<\/strong><\/h3>\n<p>\u2013 This event log records events related to the replication of files between domain controllers.<\/p><\/li>\n<li>\n<h3><strong>System Log<\/strong><\/h3>\n<p>\u2013 The system log records events related to the operating system and the devices the operating system controls.<\/p><\/li>\n<li>\n<h3><strong>DNS Server Log<\/strong><\/h3>\n<p>\u2013 This event log is only available if you use a DNS server for name resolution.<\/p><\/li>\n<li>\n<h3><strong>Directory Service Log<\/strong><\/h3>\n<p>\u2013 If you use Active Directory (AD), then you will have a directory service log that records events related to 
AD.<\/p><\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><a href=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2021\/03\/1-1.gif\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-7233\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2021\/03\/1-1.gif\" alt=\"\" width=\"848\" height=\"620\"><\/a><\/p>\n<h2><strong>Types of Events Recorded by Event Logs<\/strong><\/h2>\n<p>Just as there are several different types of event logs, there are also several different types of events you can record based on the configuration of your server monitoring software, such as:<\/p>\n<ul>\n<li>\n<h3><strong>Warnings<\/strong><\/h3>\n<p>\u2013 Warnings are events that can be tracked and recorded to alert you to potential problems before they become major issues\u2014like when you are running out of disk space on a server.<\/p><\/li>\n<li>\n<h3><strong>General Information<\/strong><\/h3>\n<p>\u2013 These types of events are tracked to let you know that devices, applications, and other processes have been successful. They will also let you know when a service has started, a driver loaded correctly, and so on.<\/p><\/li>\n<li>\n<h3><strong>Errors<\/strong><\/h3>\n<p>\u2013 Any errors that occur in the event logs you are monitoring will alert you to problems that need your immediate attention\u2014like drivers not starting when they should.<\/p><\/li>\n<li>\n<h3><strong>Critical Errors<\/strong><\/h3>\n<p>\u2013 These types of errors mean something critical has gone wrong, such as a hard drive failing.<\/p><\/li>\n<li>\n<h3><strong>Security Log Failures<\/strong><\/h3>\n<p>\u2013 These events are related to security and should be reviewed immediately. 
They can be issues like unsuccessful logins, user account lockouts, and so on.<\/p><\/li>\n<li>\n<h3><strong>Security Log Successes<\/strong><\/h3>\n<p>\u2013 These events are also related to security and record success events, such as a user successfully logging onto a server.<\/p><\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><a href=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2021\/03\/2-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-7234\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2021\/03\/2-1.png\" alt=\"\" width=\"893\" height=\"519\" srcset=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2021\/03\/2-1.png 893w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2021\/03\/2-1-300x174.png 300w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2021\/03\/2-1-768x446.png 768w\" sizes=\"auto, (max-width: 893px) 100vw, 893px\"><\/a><\/p>\n<h2><strong>Event Log Monitoring \u2013 Putting It All Together <\/strong><\/h2>\n<p>The types of events you should be worried about are warnings, errors, or failures. These all indicate something is wrong. In some cases, they could even mean a potential hack and data breach. You need to develop an event log monitoring and audit plan to decide which events you want to configure, which ones are important, when to be alerted, and how alerts are delivered.<\/p>\n<p>\u00a0<\/p>\n<p>Keep in mind, there can be other types of events you will want to monitor, such as changes to user permissions, new account creation, account deletion, erasing of event logs, policy changes in AD, etc. These types of events could indicate you have a hacker or malware on your network.<\/p>\n<p>\u00a0<\/p>\n<p>The easiest way to configure your servers, monitor events, and customize what types of events you want to record, track, and be alerted to is to use PA Server Monitor. 
This monitoring software makes it easy to quickly set up monitoring.<\/p>\n<p>\u00a0<\/p>\n<p>Best of all, you don\u2019t have to know where event logs are stored on the servers or how to access and review them. You just open your monitoring software desktop to configure, review, and access your event logs.<\/p>\n<p>\u00a0<\/p>\n<p>For further information about <a href=\"https:\/\/www.poweradmin.com\/products\/server-monitoring\/?f=e\">PA Server Monitor<\/a> and our other <a href=\"https:\/\/www.poweradmin.com\/\">server monitoring software<\/a> or to request your FREE no-obligation, full-access 30-day trial, please feel free to contact Power Admin at 1-800-401-2339 today!<\/p>\n<p>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When you are configuring your event log monitor settings, you need to decide which event log events you need to worry about. Event logs are generated for a wide array of processes, applications, and events. Logs will record both successes and failures. 
As such, you need to decide what data is most vital and needs [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":7234,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,10,6],"tags":[],"class_list":["post-7230","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general-it","category-power-admin","category-tech"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/7230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=7230"}],"version-history":[{"count":3,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/7230\/revisions"}],"predecessor-version":[{"id":7235,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/7230\/revisions\/7235"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/7234"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=7230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=7230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=7230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}