The Windows Event Log Action Plugin enables dynaTrace to forward incidents into the Microsoft Windows Event Log.The plugin is based on the Windows “eventcreate.exe” command and allows event creation on local and remote machines.
Christian Grimm (firstname.lastname@example.org)
2014-03-03 Initial Release2014-03-04 Backward Compatibility for dynaTrace 5.5
dynaTrace Windows Event Log Action Plugin 1.0.0
Import the Plugin into the dynaTrace Server. For details how to do this please refer to the Online Documentation on Plugin Management.
The following screenshot shows an example configuration:
System: Optional. Specifies the remote system to connect to.
User: Optional. [domain\]user specifies the user context under which the command should execute.
Password: Optional. Specifies the password for the given user context.
Event Log Name: Specifies the event log to create an event in.
Type: Specifies the type of event to create. Valid types: SUCCESS, ERROR, WARNING, INFORMATION.
Source: Specifies the source to use for the event (if not specified, source will default to 'eventcreate'). A valid source can be any string and should represent the application or component that is generating the event.
ID: Specifies the event ID for the event. A valid custom message ID is in the range of 1 - 1000.
Description: Specifies the description text for the new event. Variables can be used for dynamic text. Examle:
Please refer to the log file, which contains the full console output of the Windows Event Log Action Plugin:%dynaTraceInstallation%/log/server/com.compuwareapm.community.plugin.WindowsEventLogAction.action.0.0.log
Please provide feedback on this plugin either by commenting on this page or by comments on the Community Plugins and Extensions
You can post list all Variables by Windows Event Log Action Plugin
Following list of available variables:
Do you have variables is VALUE, Threshold or Measures ?
Not at the moment. However, you could easily extend the plugin for reporting additional context information.
can you give more details about "extend the plugin "
"Extending the plugin" means that the plugin (JAR file) contains the JAVA source code. This makes it easy customizing it and adding new features.
Please also see following additional resources:
Manage and Develop User Plugins
When we tested this plugin, it does not appear to be creating correctly XML formatted events, which makes it difficult for our monitoring system to consume.
Example text from raw event:
This event is not displayed correctly because the underlying XML is not well formed. Below is the raw text of the event.1300x8000000000000077061Application**.com System Profile: *** Incident: Average response time degraded Message: Measure Web Page Requests [***/<...>] *** violated threshold. Detail: Observed response time of 116ms is higher than expected. During the last 7d the average response time was less than 53ms. Time: 2016-03-10 08:25:00
Are there any plans to update this plugin so that it creates properly formatted events (server 2008 +)?
When I first install this plugin, On the Installed Plugins tab of the Plugins page, I see a red exclamation point in the "Dependencies resolved" column on the row for the Windows Event Log Action Plugin. So, some dependency is not resolved. But I can't figure out what the dependency is.
I've checked the log files for the server and client and see nothing from this plugin.
So, how do I determine what the dependency is?
The problem seems to have resolved itself. I've got a check mark now in the Dependencies Resolved column.
Have followed the guidelines above and tried to configure our alerts too. Using Dynatrace 6.3 with the latest plugin version 0.8.1 and yet we can't get the alert to populate the Event log. We can see it fires off within the Dynatrace application so we know it's happened. Just can't get the last bit to work. Can you help/advise in any way. Many thanks in advance
Could you please post the log output of the plugin? It writes a log in every case, regardless of successful or unsuccessful execution. Even without seeing the log, your problem might be related to a permission issue. The plugin is not doing much more that calling eventcreate.exe from Windows OS with some parameters. Since the plugin is executed by the Dynatrace Server, it could be that the user which runs the Dynatrace Server has too few permissions to call eventcreate.exe. You could also try to manually call eventcreate.exe with additional parameters on command line to create a Windows Event with the same user as the Dynatrace Server is running for verifying permissions.
After checking the logs, it looks like the process which runs the plugin has insufficient permissions to run the eventcreate.exe command:2016-09-05 08:52:36 SEVERE [WindowsEventLogAction@com.compuwareapm.community.plugin.WindowsEventLogAction.action] ExitCode 1. ErrorOut: ERROR: Access is denied.. StandardOut:
Please either configure the plugin to use an account with adequate permissions (see plugin properties) or grant the user which runs the Dynatrace Server permissions accordingly.
Thanks for taking a look at the logs. Sorry they were emailed to you direct, we have a customer that does not want them to be made public. We ran the following command:
c:\Users\marwahas_svc>eventcreate /s hostname /u "Local Service User" /t error /id 601 /l application /d "Test Error"
WARNING: Passing the user credential for local connection.
SUCCESS: An event of type 'error' was created in the 'application' log with 'EventCreate' as the source.
As it looks like the User "Local Service" does not have permissions per default for running the eventcreate.exe command. Would it be possible for you trying to run the Dynatrace Server with a local user which has sufficient privileges? (I've tried this on my local machine and running the Dynatrace Server with a local admin for example solves the "Access Denied" issue.)
PS: Please note that your experiment from command line is behaving differently because the eventcreate.exe command is still inheriting permissions from the command line cmd.exe of the currently logged in user in your case. This is different to the scenario when the Dynatrace Server is directly started as Local Service.and then runs the eventcreate.exe OS function.
Thanks Christian, Jacob is getting that sorted with our Wintel team. Will post back an update once done. Appreciate your reply.
Does anyone have a 6.2 supported version of this plugin that they can share?
What problem do you have installing this plugin for Dynatrace AppMon 6.2?