Figure 1: EventLog Overview
As you can see, the treeview has expanded again. You can see a list of EventLogs available on this machine. On the right side, in the main window, you see a table with basic information about the host you are viewing and a table with a summary of all EventLogs. In this table you can see in which proportion the events are spread and basic information about the size and retention time of every Log.
To review the events, choose one of the Logs and click on its name in the treeview or double-click on its name in the table. The Log will open up and start to load the entries from the machine. The application now looks quite similar to the Windows Vista EventViewer.
Figure 2: EventViewer
Please Note:
To keep performance impacts low, the list of events will be loaded only rudimentary. Only the events which are directly visible will be loaded completely. If you scroll around, you have to allow the application to load the new listed events completely.
By clicking on a single event, you can view its details. These will be shown in the lower part under the list of events. Further you can sort the available events by column. With huge amounts of logs this could take some time. If that is the case, a waiting window will pop up.
Figure 3: Waiting Window
You now have several options to deal with your events and logs. First, the buttons and fields above the event list will be explained (explanation from left to right).
Options
Will open up a window with all event details. You can use the copy-button there to directly copy all information into the clipboard for further use.
Help
This button will open the manual when clicked.
Search
With the search field you can find any message. The search itself only works for the event messages. Enter a value you are looking for and hit enter or click on the search button right next to the entry field.
Find Related
By clicking on this button, you can automatically find all Events which are similar to the one which is highlighted.
Refresh View
Click here to check if there occured any new events since you began reviewing this log.
Reset View
This button resets the list and all events will be displayed again.
Status
The status bar shows you, how far the current action is carried out. With the stop button right next to it, you can halt the current action at any time.
Filter Options
With the filter options you can customize the list of viewable events.
The first option you have, is to set a time-frame of available events. Choose the value with the dropdown menu.
The second option you have here, is to set which event types should be displayed. Simply select or de-select from the available type list.
Actions
You can carry out several actions with the selected events.
Once again you have the possibility to show the Event Property Window. This helps you to review the event in detail and let's you copy all information easily.
Further you are able to save the selected events into a text-file format. By clicking on the button, a window will open up, where you can choose the destination as well as file name and file format. You can save as .txt (tab delimited) or as .csv (comma delimited).
And you have the option to remotely clear the EventLog. A window will pop up, asking you to confirm the action.
Please Note:
When having large amounts of events, it could take some time to apply filter settings onto the EventLog of a remote host. Mostly this is because of networking architecture and available system ressources. While doing this you will likely experience EventConsolidator using a huge amount of processing power.