This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
→ 🚀What's New? Explore Lansweeper's Fall 2024 Updates! Fall Launch Blog !
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- Reports & Analytics
- Report of Event Log Errors including "STATEMENT" o...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2024 05:02 PM
I had a need to find a specific event log error on some of our servers, and count them up to provide a quick glance at how many times a service is failing on a server. This specifies the server name type (for instance, if all of your database servers include the phrase 'dbserver' in them), scans for the event log message including "MSG HERE", adds them together, and gives a count for each error amount of specified assets.
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysOS.OSname As OS,
tblAssets.Lastseen As [Last successful scan],
Count(tblNtlog.Eventcode) As [Error Count]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblNtlog On tblNtlog.AssetID = tblAssets.AssetID
Inner Join tblNtlogMessage On tblNtlogMessage.MessageID = tblNtlog.MessageID
Inner Join tblNtlogSource On tblNtlogSource.SourcenameID =
tblNtlog.SourcenameID
Inner Join tblNtlogUser On tblNtlogUser.LoguserID = tblNtlog.LoguserID
Inner Join tblNtlogFile On tblNtlogFile.LogfileID = tblNtlog.LogfileID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblAssets.AssetName Like '%dbserver%' And Case tblNtlog.Eventtype
When 1 Then 'Error'
When 2 Then 'Warning'
When 3 Then 'Information'
When 4 Then 'Security Audit Success'
When 5 Then 'Security Audit Failure'
End = 'Error' And tblNtlog.TimeGenerated > GetDate() - 14 And
tblState.Statename = 'Active' And
tblNtlogMessage.Message Like '%PUTWHATERRORYOUWANTTOGETAREPORTOF%'
Group By tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysOS.OSname,
tblAssets.Lastseen
Order By [Error Count] DescReplace "dbserver" with the asset name. Replace "PUTWHATERRORYOUWANTTOGETAREPORTOF" with some specific language from the event log error. Replace "14" with however many days you want it to count backwards.
Labels:
- Labels:
-
Finished Reports
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-04-2024 05:22 AM - edited 07-04-2024 05:22 AM
Don't join tables which inuse. It leads to high usage of SQL Server resources.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2024 04:08 PM
Oof, didnt know that, thanks! Do you have a suggestion on how the report could be improved to reduce server load?
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- Network Discovery: IT Sensor Stops in General Discussions
- Understanding how cloud syncing works in General Discussions
- Introducing SIM - Software Inventory Manager - Developed by Licenseware & Powered by Lansweeper in General Discussions
- New Preview Capability - Host Your Lansweeper Site in the United States in Product Discussions
- Scan slowness in General Discussions
