How do I monitor a Windows Event Log other than the default ones?

Modified on 2025-06-10 15:19:21 +0200

I'm trying to monitor the event log on a clustered node for any changes in virtual machine location. I've found the correct location and event ID I want to be notified for but the log is not in the list of the Windows API Event Log defaults. The log I need is the Microsoft-Windows-FailoverClustering/Operational log.

Thanks,

Scott

Article Comments

Hello,

Thank you for your message.

Regarding your demand, I'm afraid that the event log sensors are not able to monitor a specific log file. However, you can develop a script which uses the PowerShell cmdlet Get-WinEvent -LogName "" to get the entries from it, and then return the number of entries which match your filter(s).

Here is the documentation of the Get-WinEvent cmdlet: https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.diagnostics/get-winevent?view=powershell-7.1

To execute the script in PRTG, you can use the EXE/Script or EXE/Script Advanced sensor.

I invite you to have a look to the manual regarding custom sensors: https://www.paessler.com/manuals/prtg/custom_sensors

Kind regards.

Nov, 2020 - Permalink

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

How do I monitor a Windows Event Log other than the default ones?

Article Comments

Search

Attention

Related Articles