Icon

Comments have been closed on this page. Please use AppMon & UEM Plugins forum for questions about this plugin.

Overview

The Windows Event Log Action Plugin enables dynaTrace to forward incidents into the Microsoft Windows Event Log.The plugin is based on the Windows “eventcreate.exe” command and allows event creation on local and remote machines.

Plugin Details

Author

Christian Grimm (christian.grimm@dynatrace.com)

dynaTrace Versions

5.5, 5.6

License

dynaTrace BSD

Support

Not Supported

Known Problems

 

Release History

2014-03-03 Initial Release
2014-03-04 Backward Compatibility for dynaTrace 5.5

Download

dynaTrace Windows Event Log Action Plugin 1.0.0

Installation

Import the Plugin into the dynaTrace Server. For details how to do this please refer to the Online Documentation on Plugin Management.

Configuration

The following screenshot shows an example configuration:

System:
Optional. Specifies the remote system to connect to.

User:
Optional. [domain\]user specifies the user context under which the command should execute.

Password:
Optional. Specifies the password for the given user context.

Event Log Name:
Specifies the event log to create an event in.

Type:
Specifies the type of event to create. Valid types: SUCCESS, ERROR, WARNING, INFORMATION.

Source:
Specifies the source to use for the event (if not specified, source will default to 'eventcreate'). A valid source can be any string and should represent the application or component that is generating the event.

ID:
Specifies the event ID for the event. A valid custom message ID is in the range of 1 - 1000.

Description:
Specifies the description text for the new event. Variables can be used for dynamic text. Examle:

Example Windows Event Log

Troubleshooting

Please refer to the log file, which contains the full console output of the Windows Event Log Action Plugin:
%dynaTraceInstallation%/log/server/com.compuwareapm.community.plugin.WindowsEventLogAction.action.0.0.log

Feedback

Please provide feedback on this plugin either by commenting on this page or by comments on the Community Plugins and Extensions

  1. Anonymous (login to see details)

    Hello.

    You can post list all Variables by Windows Event Log Action Plugin

    Thanks

     

    1. Anonymous (login to see details)

      Hello Solomon,

      Following list of available variables:

      "%SYSTEM_PROFILE%"
      "%INCIDENT_MESSAGE%"
      "%INCIDENT_NAME%"
      "%INCIDENT_DESCRIPTION%"
      "%INCIDENT_RECORDED_SESSION_ID%"
      "%INCIDENT_RECORDED_SESSION_NAME%"
      "%INCIDENT_SERVER_NAME%"
      "%INCIDENT_DURATION%"
      "%INCIDENT_END_TIME%"
      "%INCIDENT_SEVERITY%"
      "%INCIDENT_START_TIME%"
      "%INCIDENT_VIOLATIONS%"

      Kind regards
      Christian

  2. Anonymous (login to see details)

    Do you have variables is VALUE, Threshold or Measures ?

    1. Anonymous (login to see details)

      Hi Solomon,

      Not at the moment. However, you could easily extend the plugin for reporting additional context information.

      Kind regards
      Christian

  3. Anonymous (login to see details)

    Hi Christian.

      can you give more details about "extend the plugin "

    Thanks

     Kind regards

    Solomon

    1. Anonymous (login to see details)

      Hi Solomon,

      "Extending the plugin" means that the plugin (JAR file) contains the JAVA source code. This makes it easy customizing it and adding new features.

      Please also see following additional resources:

      Manage and Develop User Plugins

      Kind regards
      Christian

  4. Anonymous (login to see details)

    When we tested this plugin, it does not appear to be creating correctly XML formatted events, which makes it difficult for our monitoring system to consume.

    Example text from raw event:

    This event is not displayed correctly because the underlying XML is not well formed. Below is the raw text of the event.
    1300x8000000000000077061Application**.com System Profile: ***  Incident: Average response time degraded Message: Measure Web Page Requests [***/<...>] *** violated threshold. Detail: Observed response time of 116ms is higher than expected. During the last 7d the average response time was less than 53ms. Time: 2016-03-10 08:25:00

    Are there any plans to update this plugin so that it creates properly formatted events (server 2008 +)?

    thanks!

    David 

  5. Anonymous (login to see details)

    Hi,

    When I first install this plugin, On the Installed Plugins tab of the Plugins page, I see a red exclamation point in the "Dependencies resolved" column on the row for the Windows Event Log Action Plugin.  So, some dependency is not resolved.  But I can't figure out what the dependency is.

    I've checked the log files for the server and client and see nothing from this plugin.

    So, how do I determine what the dependency is?

    Thanks,

    Bill

    1. Anonymous (login to see details)

      Never mind.  

      The problem seems to have resolved itself.  I've got a check mark now in the Dependencies Resolved column.

      It's magic!

      Bill

  6. Anonymous (login to see details)

    Hi Christian,

    Have followed the guidelines above and tried to configure our alerts too. Using Dynatrace 6.3 with the latest plugin version 0.8.1 and yet we can't get the alert to populate the Event log. We can see it fires off within the Dynatrace application so we know it's happened. Just can't get the last bit to work. Can you help/advise in any way. Many thanks in advance

    Sanj

    1. Anonymous (login to see details)

      Hi Sanjeev,

      Could you please post the log output of the plugin? It writes a log in every case, regardless of successful or unsuccessful execution. Even without seeing the log, your problem might be related to a permission issue. The plugin is not doing much more that calling eventcreate.exe from Windows OS with some parameters. Since the plugin is executed by the Dynatrace Server, it could be that the user which runs the Dynatrace Server has too few permissions to call eventcreate.exe. You could also try to manually call eventcreate.exe with additional parameters on command line to create a Windows Event with the same user as the Dynatrace Server is running for verifying permissions.

      Kind regards
      Christian

      1. Anonymous (login to see details)

        Hi Sanjeev,

        After checking the logs, it looks like the process which runs the plugin has insufficient permissions to run the eventcreate.exe command:

        2016-09-05 08:52:36 SEVERE [WindowsEventLogAction@com.compuwareapm.community.plugin.WindowsEventLogAction.action] ExitCode 1. ErrorOut: ERROR: Access is denied.
        . StandardOut:

        Please either configure the plugin to use an account with adequate permissions (see plugin properties) or grant the user which runs the Dynatrace Server permissions accordingly.

        Kind regards
        Christian

  7. Anonymous (login to see details)

    Hii Christian,

    Thanks for taking a look at the logs. Sorry they were emailed to you direct, we have a customer that does not want them to be made public. We ran the following command:

     

    c:\Users\marwahas_svc>eventcreate /s hostname /u "Local Service User" /t error /id 601 /l application /d "Test Error"

    WARNING: Passing the user credential for local connection.

    SUCCESS: An event of type 'error' was created in the 'application' log with 'EventCreate' as the source.

     

    Sanj

    1. Anonymous (login to see details)

      Hi Sanj,

      As it looks like the User "Local Service" does not have permissions per default for running the eventcreate.exe command. Would it be possible for you trying to run the Dynatrace Server with a local user which has sufficient privileges? (I've tried this on my local machine and running the Dynatrace Server with a local admin for example solves the "Access Denied" issue.)

      PS: Please note that your experiment from command line is behaving differently because the eventcreate.exe command is still inheriting permissions from the command line cmd.exe of the currently logged in user in your case. This is different to the scenario when the Dynatrace Server is directly started as Local Service.and then runs the eventcreate.exe OS function.

      Kind regards
      Christian

      1. Anonymous (login to see details)

        Thanks Christian, Jacob is getting that sorted with our Wintel team. Will post back an update once done. Appreciate your reply.

  8. Anonymous (login to see details)

    Does anyone have a 6.2 supported version of this plugin that they can share?

    1. Anonymous (login to see details)

      What problem do you have installing this plugin for Dynatrace AppMon 6.2?

      Ingo