Event Log Monitor Properties
The Event Log Monitor Properties window contains the settings for an Event Log Monitor Trigger.
Property Pages
Property pages common to all Triggers
General
Name for this trigger (optional)
Optionally, specify a descriptive name for the trigger.
Enabled
Uncheck this box to disable the trigger. If the trigger is not enabled, adTempus will ignore it (it will not cause the job to trigger).
Minimum Interval
Specify the minimum interval (in seconds) for this trigger. Once the triggers conditions are satisfied and the job is triggered, adTempus will ignore this trigger for the specified interval.
For example, suppose you are using a File Trigger to trigger the job whenever a new file is added to a folder. If you set the interval to 60 seconds, then once adTempus triggers the job, it will ignore any new files that arrive in the next 60 seconds.
Description/Notes
Enter any extended descriptive information or notes for this trigger.
Job Variables
The Job Variables page allows you to define Job Variables that will be set for this job only when it is started by this trigger.
Event Selection
This page defines the conditions for triggering a job. adTempus will trigger your job each time a new event is reported that meets all of the criteria you specify.
Log
Select the log to monitor. A trigger can only monitor a single log.
Sources
Select the event sources (applications) whose events you want to check. You may select any number of sources; if you do not select any source, all sources will be considered.
For example, you might want to trigger based on Error messages logged by a particular application in the Application log. Or you might want to trigger any time an Error message is logged in the System log.
Category
This option is available only if you have selected a single event source. Select the category of messages you want adTempus to examine.
Types
Select the types (severities) to consider. If none are selected, all types are considered.
Include Event IDs
If you want to trigger only when specific events are logged, enter the IDs of those events here. You can specify as many events as you wish, separated by commas.
Event IDs are specific to each application (Event Source). To determine which events IDs you want to capture, consult the documentation for the application in question, or use the Windows Event Log Viewer to examine events the application has logged. The Event Log Viewer will show you the Event IDs for those events.
If you have selected multiple Event Sources, you should not specify Event IDs unless you are sure you know what you are doing (i.e., all of the sources you have selected use the same Event IDs to mean the same thing).
Exclude Event IDs
If you want to ignore certain events, enter the IDs of those events here. You can specify as many events as you wish, separated by commas.
For example, you might want to trigger any time an event of type Error is logged by Source My Application, except if the event ID is 117.
Select events whose message matches
Check this option to select events based on the text of the event message. If the message contains the text you specify, it will be selected. The message does not have to match the specified text exactly: it may contain the specified text anywhere within it.
Use regular expressions
If this option is checked, the match text you enter is treated as a regular expression. If a match for that regular expression is found anywhere within the event message, the condition is satisfied.
Use a script to select events
adTempus will run the script you specify. Information about the event will be passed to the script using the Parameters object and through Job Variables (see list below). Your script then evaluates the event and returns True if adTempus should trigger the job, or False if it should not.
adTempus calls the script only for events that have satisfied all of the other criteria for the trigger.
Job Variables
The Event Log Monitor Trigger sets the following Job Variables, which can be used by a selection script or by other scripts or notification messages in the job.
| Parameter Name | Description |
| EventLogMonitor.EventLog | The name of the log in which the event was recorded (e.g., "Application"). |
| EventLogMonitor.EventSource | The name of the event source. This is the name of the source as it appears in the Registry, and may not be the same as the name displayed in the user interface. |
| EventLogMonitor.EventCategory | The numeric event category. |
| EventLogMonitor.EventCategoryName | The name of the event category. |
| EventLogMonitor.EventType | The numeric event type (severity). |
| EventLogMonitor.EventTypeName | The event type name ("Error", "Warning", "Information") |
| EventLogMonitor.EventID | The numeric event ID. |
| EventLogMonitor.EventMessage | The full text of the message. |
| EventLogMonitor.EventTimestamp | The timestamp for the message in format "yyyy-MM-dd HH:mm:ss". |
| EventLogMonitor.EventKeywords | A comma-separated list of keywords for the event. |
Related Concepts