5.1 ADDNSRegistrationEventLog

Use this Knowledge Script to scan the Event Log for Active Directory-related DNS registration problems. Each time this script runs, it checks the Event Log for entries matching your selection criteria and raises an event if matching entries are found.

5.1.1 Resource Object

DNS folder

5.1.2 Default Schedule

The default interval for this script is Every 10 minutes.

5.1.3 Setting Parameter Values

Set the following parameters as needed:

Parameter

How to Set It

Event?

Set to y to raise an event if log entries match your selection criteria. The default is y.

Collect data?

Set to y to collect data for charts and reports. If enabled, data collection returns information based on the other parameter values you enabled. The default is n.

Start with events in past N hours

Set this parameter to determine which events are searched for the first time the Knowledge Script is run. Subsequent searches begin where the last search finished. The following entries are valid:

  • Enter -1 to search all current and previous System Log events during the first interval.

  • Enter 0 to search only for current events; previous events are not searched.

  • Enter the number of hours to go back in the System Log to scan for matching events. For example, enter 8 to scan the last 8 hours of the System Log for matching entries.

The default is 0.

Monitor events of type:

Set to y for each type of event you want to monitor:

  • Error

  • Warning

  • Information

  • Success Audit

  • Failure Audit

If you enable data collection or events, and set any of these parameters to n, this script does not raise an event or collect data for that type of log entry.

The default is y.

Filter the [...] field for

To limit the types of entries that raise AppManager events and the type of data that is collected, enter a search string that filters the following fields in the Windows Event Log:

  • Category. Specify one or more text strings to look for in the Category field. Separate multiple strings with commas.

  • User. Specify a search string to look for events associated with a particular user, for example, <domain name>\<user name>. Separate multiple strings with commas. For example: USA\Tom,USA\Chris,EUROPE\Alex.

  • Computer. Specify computer names to look for. Separate multiple entries with commas. For example: SHASTA,MARS.

  • Description. Specify a detail description or keywords in the description. A string can contain spaces, underscores, and periods. Separate multiple entries with commas. For example: no domain,critical error from the Active Directory.

The search string can contain criteria used to include entries, exclude entries, or both. Separate the include and exclude criteria with a colon (:). If you are specifying only include criteria, the colon is not necessary.

Maximum number of events per event message

Specify the maximum number of DNS Registration Event Log events that can be returned in each event report.

For example, if this value is set to 30, and 67 Registration Event Log events are found, then three event reports are raised: two reports containing 30 events and one report containing seven events.

The Message column on the Events tab displays the number of events in the event report, the type of log the events are from, and the event report batch number. The batch number is the sequential number of the event report. Batch numbers start at 1 for each Knowledge Script iteration.

The default is 30.

Event severity

Set the event severity level, from 1 to 40, to indicate the importance of the an event in which log entries match your selection criteria. You can adjust the severity based on the types of events you are checking. The default severity level is 8 (red event indicator).