5.8 Managing Event Logs

An event is an important system or application occurrence. The Windows operating system records information about events in event log files. There may be several event logs stored on each computer. Use the native Windows Event Viewer to view event logs. DRA manages the event logs only on the computers in the managed domains.

DRA records user-initiated operations in the log archive, a secure repository. You can optionally have DRA record these operations in the Windows Event Log as well as in the DRA log archive. For more information, see Understanding Dates and Times.

5.8.1 Event Log Types

Computers running Microsoft Windows record additional information in various logs. The logs are briefly described as follows:

| Log Type | Description |
| --- | --- |
| ADAM | Records events logged by the ADAM repository. |
| Application | Records events logged by an application on the computer, such as a service startup or failure. For example, DRA stores events in the Application log. |
| Directory service | Records events related to domain controllers maintaining the security database. |
| File replication service | Records events related to file replication services provided by the operating system. |
| Security | Records events that include logon attempts, file and directory access, and security policy changes that are based on the audit policy options. |
| System | Records events logged by the Windows system components, such as the failure of a driver or services starting and stopping. |

5.8.2 Event Log Management Tasks

You can specify the maximum size of an event log file and what happens to an event log when it becomes full. The properties window also displays the name of the log, the log file path and filename, when the log was created, when it was last modified, and when it was last accessed. If you choose to back up the log file, DRA saves the event log with a unique file name in a standard location on the selected computer.

DRA lets you manage event logs while managing other resources for that computer. With the appropriate powers, you can perform various event log management tasks, such as changing event log properties.

Enable and disable Windows event log auditing for DRA

When you install DRA, audit events are not logged in the Windows event log by default. You can enable this type of logging by modifying a registry key.

WARNING: Be careful when editing your Windows Registry. If there is an error in your Registry, your computer may become nonfunctional. If an error occurs, you can restore the Registry to its state when you last successfully started your computer. For more information, see the Help for the Windows Registry Editor.

Manage event log properties

You can modify event log properties for a specific computer.

View event log entries

You can view entries in a specific event log for a computer in the managed domain or managed subtree. When you view an event log, DRA launches the native Windows Event Viewer.

Clear the event log

You can clear entries in a specific event log for a computer in the managed domain or managed subtree. You can also save the event log entries before clearing the log.
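
The log properties described at the start of this section (maximum size, behavior when full, file path, timestamps) and the clear operation above can also be reviewed with native Windows PowerShell. The following is an added example, not DRA code: the function names and the 64 MB size floor are assumptions, and it uses only the built-in Get-WinEvent cmdlet.

```powershell
# Added example: native review of the event log properties shown in the properties window.
# Log names come from the table in 5.8.1; the 64 MB floor is an assumed threshold, not a default.
function Get-EventLogRetentionReview {
    param(
        [string]$ComputerName = $env:COMPUTERNAME,
        [string[]]$LogName = @('Application', 'Security', 'System'),
        [long]$MinimumBytes = 64MB
    )
    foreach ($name in $LogName) {
        $log = Get-WinEvent -ListLog $name -ComputerName $ComputerName -ErrorAction Stop
        # LogMode is what happens when the log becomes full:
        # Circular = overwrite oldest, AutoBackup = archive and continue, Retain = stop recording.
        $finding = if ($log.LogMode -eq 'Circular' -and $log.MaximumSizeInBytes -lt $MinimumBytes) {
            'Small log that overwrites: older events may be lost'
        } elseif ($log.LogMode -eq 'Retain') {
            'Stops recording when full: monitor IsFull'
        } else { 'OK' }
        [pscustomobject]@{
            Computer  = $ComputerName
            Log       = $log.LogName
            Path      = $log.LogFilePath
            MaxSizeMB = [math]::Round($log.MaximumSizeInBytes / 1MB, 1)
            WhenFull  = $log.LogMode
            IsFull    = $log.IsLogFull
            Modified  = $log.LastWriteTime
            Finding   = $finding
        }
    }
}

function Get-EventLogClearRecord {
    param([string]$ComputerName = $env:COMPUTERNAME, [int]$MaxEvents = 20)
    # Windows records a clear of the Security log as event 1102 in Security,
    # and a clear of any other log as event 104 in System.
    # Reading the Security log requires administrative rights; with
    # SilentlyContinue, a log with no matching events simply returns nothing.
    $filters = @(
        @{ LogName = 'Security'; Id = 1102 },
        @{ LogName = 'System';   Id = 104  }
    )
    foreach ($f in $filters) {
        Get-WinEvent -FilterHashtable $f -ComputerName $ComputerName -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
            Select-Object TimeCreated, LogName, Id, Message
    }
}

Get-EventLogRetentionReview | Format-Table -AutoSize
Get-EventLogClearRecord | Sort-Object TimeCreated -Descending | Format-List
```

Comparing the clear records against the operations DRA recorded in its log archive shows whether each clear was a delegated DRA task or was performed outside DRA.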