Configuring custom Windows Event Logs in OMS Workspaces

When configuring OMS Workspace to retrieve Windows Event Logs from custom software or sources that are not being pre-populated in OMS Portal, the administrator must understand the process to retrieve the information. Here are the few steps required to sort it out the name of the log.

Logged on to Azure Portal, find the OMS Workspace, click on Advanced Settings. In the new page, click on Data, Windows Event Logs and on the blade on the right side we can select from the list the common events logs from Windows. The list, however, does not contain other applications and even some Windows Events (BitLocker, Kernel-IO, to mention a few).

Windows Event Logs

If there is no entry on the prepopulated list, no worries. We can still find which information is going to Event Viewer on the machine and we can gather that information. In the example below, we are getting the string to add in OMS in the Full Name field. Just copy and paste from there.

Windows Event Logs

Easy, right?

Featured image: Shutterstock

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top