ITarian feature request - Event Log in Devicelist Summary

PLEASE PLEASE add a menu item in the ITarian portal, when viewing an individual device under device-list / pcname / summary for EVENT LOG that shows all the events in the PCs event log in the last 30 days. These events can be gathered up during device check-in and displayed in ITarian even if the system is offline. Other RMMs do this. It is a feature that I sorely miss.

I HATE having to wait for a machine to be online and then connect remotely in order to view the event log. Ridiculous.

PLEASE add this feature! :frowning: :frowning: :frowning:

Hello @nnsit

Thank you for bringing this particular suggestion to our attention. We have forwarded the information to our development team and we will get back
to you the soonest possible we can.

With Best regards,

I keep getting alerts that a critical event was logged, but no indication of what that event was. And so I have to go remotely log on to that PC and disturb the end user just to check the event log.

Totally agree, the point of a good RMM is to allow us to do our job and check things like this without disturbing the end user.

+1 for this feature.

What I do currently, is when an event log monitor is triggered, I have a follow up script that runs on autoremediation that pulls the last 100 or so events from the log that was triggered and emails it to me (though can easily just be accessible from the procedure logs of the device at that point)

@eztech Exactly what we do at the mo.

Care to share that followup script? I’d like to implement that! Thanks.

Believe this is a default script, we use it when we remember but our library is getting huge to remember what we have sometimes.

@StrobeTech We use - and/or are currently implementing - a combination of methods to keep track of them; for “Scripts”, also read Procedures and Monitors. Probably a phrase involving grandmothers and eggs comes to mind, but for what it’s worth:

  • Naming conventions - Start script name with the Primary category to which it relates.
  • Comments - In the Script comments box tag other categories and relevant info - although only 254 characters allowed.
  • Procedure Folders - Use an appropriate folder and sub-folder structure, similar to the one in the Predefined Procedures folder.
  • Spreadsheet - Matrix of scripts and categories for filtering and grouping. This also integrates the complete list from the web page script library at https://scripts.itarian.com/frontend/web/ (see comments below).
  • Basic flow charts: Scenarios with branching for the most likely requirements situations
And the hardest part? Marry up the 700 scripts in the script library with the 417 in the Predefined Procedures :eek:. as they often have different names :rolleyes: Regularly check the Created date sort in Predefined Procedures for added ones, ditto using the "Updated At" sort option in the "All" list on the web script library.

All this still leaves a number of orphaned, one-off scripts :wink: with just a Primary category. It’s almost a Job Position on it’s own if you throw in dev and testing.

Exactly!

The point of all this is to make our lives easier and more accessible so we can spend more time helping our clients and not wasting it on systems.

Hello @amcssit

Thank you for bringing this particular suggestion to our attention. We have forwarded the information to our development team and we will get back
to you the soonest possible we can.

With best regards

Have been testing it. Doesnt work. Despite several dozen alerts now, I never get an email.

Hi @nnsit,

May you please share that script that you are having problem with?Is it the script it self that is not working or the emailing alert part only? You mention that you are receive dozens of alerts, are they the event log from the device or alerts that was generated by the monitoring script?

For receiving email alert, you have the option to add additional recipients to send an alert email to your email address.
https://wiki.itarian.com/frontend/web/uploads/image/1568201511onBzB

If you need further assistance, please feel free to email us at support@itarian.com and we’ll more than happy to help.

Thank you.

Apologies, I missed this. I typically use powershell scripts for most things, and just run them within the python procedure. I recall having issues with the default script or it just didnt do what I wanted, I can’t recall exactly. This is why I usually fall back to powershell, since I already have a huge library I’ve been collecting/creating for years.

Attached an export of one of the procedures for reference.

Currently I have one procedure for each event type and log (Application - Error, Application - Warning, System - Error, System - Warning). Eventually I want to optimize this a bit better and just use one script but haven’t gotten around to that yet, and this has been working well.

You’ll need to modify the script for your use. Specifically:

  • Line 80: $LogName = "System" - Change to the event log you want events from
  • Line 86: $Newest = 30 - The amount of event logs the script will email to you. I settled on 30 as a good number but can increase or decrease as needed
  • Line 89: $EntryType = "Error" - Change to the type of event you want to the script to include
  • Lines 91 - 110: - These lines contain the variables for sending the email (smtpserver, credentials..etc)

Once you have one procedure, then just copy and change the logname and/or entrytype as needed. Then set them to run as autoremediation on a monitor that triggers for each corresponding event log.

If you have any questions let me know

I hope this helps!

20190727-Email-Event-Log-Error.json (9.27 KB)

This is a feature worth having. I would agree that viewing the device’s event log without the user interruption is extremely valuable to the work we do. At present, you’d have to remote into the device to view the event log while the device is in use. It would be handy if it would be possible to view the logs even if the device is offline. I definitely will keep tabs on this!

Hello @vntanseng

We have created a ticket on your behalf and added you to the list of recipients to receive an update for this feature.

With best regards