PLEASE PLEASE add a menu item in the ITarian portal, when viewing an individual device under device-list / pcname / summary for EVENT LOG that shows all the events in the PCs event log in the last 30 days. These events can be gathered up during device check-in and displayed in ITarian even if the system is offline. Other RMMs do this. It is a feature that I sorely miss.
I HATE having to wait for a machine to be online and then connect remotely in order to view the event log. Ridiculous.
Thank you for bringing this particular suggestion to our attention. We have forwarded the information to our development team and we will get back
to you the soonest possible we can.
I keep getting alerts that a critical event was logged, but no indication of what that event was. And so I have to go remotely log on to that PC and disturb the end user just to check the event log.
What I do currently, is when an event log monitor is triggered, I have a follow up script that runs on autoremediation that pulls the last 100 or so events from the log that was triggered and emails it to me (though can easily just be accessible from the procedure logs of the device at that point)
@StrobeTech We use - and/or are currently implementing - a combination of methods to keep track of them; for “Scripts”, also read Procedures and Monitors. Probably a phrase involving grandmothers and eggs comes to mind, but for what it’s worth:
Naming conventions - Start script name with the Primary category to which it relates.
Comments - In the Script comments box tag other categories and relevant info - although only 254 characters allowed.
Procedure Folders - Use an appropriate folder and sub-folder structure, similar to the one in the Predefined Procedures folder.
Spreadsheet - Matrix of scripts and categories for filtering and grouping. This also integrates the complete list from the web page script library at https://scripts.itarian.com/frontend/web/ (see comments below).
Basic flow charts: Scenarios with branching for the most likely requirements situations
And the hardest part? Marry up the 700 scripts in the script library with the 417 in the Predefined Procedures :eek:. as they often have different names :rolleyes: Regularly check the Created date sort in Predefined Procedures for added ones, ditto using the "Updated At" sort option in the "All" list on the web script library.
All this still leaves a number of orphaned, one-off scripts with just a Primary category. It’s almost a Job Position on it’s own if you throw in dev and testing.
Thank you for bringing this particular suggestion to our attention. We have forwarded the information to our development team and we will get back
to you the soonest possible we can.
May you please share that script that you are having problem with?Is it the script it self that is not working or the emailing alert part only? You mention that you are receive dozens of alerts, are they the event log from the device or alerts that was generated by the monitoring script?
Apologies, I missed this. I typically use powershell scripts for most things, and just run them within the python procedure. I recall having issues with the default script or it just didnt do what I wanted, I can’t recall exactly. This is why I usually fall back to powershell, since I already have a huge library I’ve been collecting/creating for years.
Attached an export of one of the procedures for reference.
Currently I have one procedure for each event type and log (Application - Error, Application - Warning, System - Error, System - Warning). Eventually I want to optimize this a bit better and just use one script but haven’t gotten around to that yet, and this has been working well.
You’ll need to modify the script for your use. Specifically:
Line 80: $LogName = "System" - Change to the event log you want events from
Line 86: $Newest = 30 - The amount of event logs the script will email to you. I settled on 30 as a good number but can increase or decrease as needed
Line 89: $EntryType = "Error" - Change to the type of event you want to the script to include
Lines 91 - 110: - These lines contain the variables for sending the email (smtpserver, credentials..etc)
Once you have one procedure, then just copy and change the logname and/or entrytype as needed. Then set them to run as autoremediation on a monitor that triggers for each corresponding event log.
This is a feature worth having. I would agree that viewing the device’s event log without the user interruption is extremely valuable to the work we do. At present, you’d have to remote into the device to view the event log while the device is in use. It would be handy if it would be possible to view the logs even if the device is offline. I definitely will keep tabs on this!