beautypg.com

Chapter 11. windows nt event log adapter, Adapter files, Chapter 11, “windows nt event log adapter – IBM Enterprise Console User Manual

Page 139

background image

Chapter 11. Windows NT Event Log Adapter

The adapter for the Microsoft Windows NT event log forwards events from a
Windows NT system to the event server. It is registered with the start-up
configuration of Windows NT so that the adapter is started with all the other
applications that are automatically started when Windows NT is started.

Note:

Only a single instance of the Windows NT or Windows event log adapter
can be run on a managed node or endpoint.

The adapter is a WIN32 process that reads events generated on a Windows NT
system, formats them according to the specification in the format file, and forwards
them using Winsock TCP/IP to an event server for further processing.

Windows NT events are gathered from the three Windows NT event logs (System,
Application, and Security) maintained by the Windows NT Event Manager, and
from any other ASCII log files residing on the Windows NT system. The Windows
NT event log adapter tracks the messages read from the Windows NT event logs
using three registry variables that contain the most recent highest message read for
the System, Application, and Security logs, whether the Windows NT event log
adapter is running continuously or is restarted. You can alter this behavior using
the appropriate switches when the Windows NT event log adapter is started.

Two versions of the Windows NT event log adapter are provided. One is built as a
Windows NT service, while the other is a WIN32 process that is not a Windows
NT service. You should normally run the Windows NT service version, since it
runs even when no user is logged in. The non-service version can be used to help
you view console messages for diagnostic purposes. Other than the service-related
differences, both versions perform identically.

This chapter describes how to configure and start the Windows NT event log
adapter.

Adapter Files

The Windows NT event log adapter package consists of the following files:

README

The readme file.

tecinstl_nt.cmd

The adapter installation batch file.

instlsrv.exe

The adapter installation assist executable file.

tecadnts.exe

The adapter service executable file.

tecad_nt.exe

The adapter non-service executable file.

tecad_nt.conf

The configuration file.

tecad_nt.fmt

The format file.

tecad_nt.cds

The class definition statement (CDS) file.

tecad_nt.baroc

The BAROC file.

© Copyright IBM Corp. 2002

127

See also other documents in the category IBM Hardware: