Freigeben über


Test fire any event on any server from any application

 

Golden Oldies - always popular (tools vs music)

 

Old Holman blog that's still relevant, even more powerful than EventLog Explorer

 

Basically anyone who wants to test fire events off a SCOM MP should use this tool.

Event Create, write-eventlog all have limitations (certain event sources that can be used to create events, or event ID number limitations)

 

 

First, download the 2007 R2 Admin ResKit here

MomTeam blog reference

 

Double click the downloaded MSI

 

I prefer to move extracted files under my SCOM tools/Management pack directory structure under MonAdmin (Monitoring Admin)

Copy extracted files to gold depot

 

 

 

Move to gold depot - SCOM \ tools \ <toolname here>

 

 

Go into the MPEventAnalyzer directory

Run the exe

 

MP Event Analyzer

Click on Investigate Event Sources Tab (bottom middle)

Don't forget you can use the search bar (where I typed apm)

 

For my example, double click on APM Agent

 

 

Search Events on right hand pane

 

Check checkbox to select the 1319 APM event for configuration error (right hand pane)

Click the 'Add selected events to execution list'

Once event verified in bottom box, click the green box to fire selected event(s)

 

 

 

Verify event in Event Viewer

 

 

Validate Management Pack

Stay tuned... this did not complete the validation process.

Comments

  • Anonymous
    December 19, 2018
    hi guys :)has anyone tried with "security-auditing" log? when i choose it from the list i get a prompt "cannot retrieve event information for provider microsoft-windows-security-auditing. reason: acces is denied" ? any ideas?
    • Anonymous
      December 19, 2018
      Hello Thomas, Are you running MP Analyzer, or EventLog Explorer?Are you running this as administrator?If MP Analyzer, what pack are you loading?I don't see Microsoft-Windows-Security-Auditing on a 2016 server with EventLog Explorer, can you explain further?
      • Anonymous
        December 20, 2018
        (The content was deleted per user request)
      • Anonymous
        December 20, 2018
        im using MP Event Analyzer, im choosing "investigate event sources" then from the list trying to open "Security-Auditing"(im running the app as admin)