Event Logs

BizTalk360 offers monitoring of Event Logs and configure rules based on their requirements. Event Logs are files that record the specific events that happen within the environment. The event logs are normally used to inform about an important event in the running applications and subsystems such as errors, warnings, or information. The event log information can be used by administrators for troubleshooting problems. In this section, we will see how to set up monitoring of Event Viewer in the BizTalk server using BizTalk360.

Monitoring the Event Viewer in BizTalk Server

In BizTalk360, the administrator can configure alerts for a particular event log/source(s) by defining a filter condition on the available event logs and request to be notified, when there are more than a specific number of alerts/warnings from the server. For instance, you can customize the alert in such a way that you must be notified when there has been a sequence of start/stops of the host instances in the past 30 minutes. Without being alerted, you may not know the frequent start/stops of the host instances and this could impact the performance of the environment or be a sign of other problems in the environment.

The administrators can set up monitoring for the event log by defining their filter conditions on the event logs available in the server. Filter conditions can be defined in the following event log fields:

• Event Log name
• Event Sources
• Event Id
• Event Log Description

In addition, the administrators can also monitor the event logs by entering the event id of a particular event or by providing an error string to look for in the event log descriptions field. Once the event log information is selected, the threshold violation settings can be entered. This is where you define the amount of found event log entries that match the created criteria for each type (Error, Warning, and Information) and the time span to be analyzed during each run of the monitoring service. If you want to ignore a certain type of event log entry from monitoring, you can specify a really large number for the threshold, this is a common approach used when excluding information alerts from monitoring.

Setting up monitoring for Event Logs

• Log in to the BizTalk360 application.
• Click 'Monitoring' in the navigation panel. 
• Click the expand button against the 'Manage Mapping' tab and depending on the requirement, select the 'BizTalk Servers' link. 
• Select the BizTalk Server for which you want to set up the monitoring of Event Log Entries.
• Select the Alarm name (see Manage Alarms) from the drop-down for which you would like to associate the alerts.
• At the tab pages at the top, select 'Event Logs'.
• Click the 'New Event Log Alert' button to set up monitoring for the event logs. You can customize your alert on a specific event log/source.
• In the configuration includes Event Log configuration and Monitoring Rules.

1.Event Log Configuration

BizTalk Administrator wants to monitor different Events from multiple servers. For example, they might want to monitor the ESB from BizTalk Server at the same time they want to ensure the performance of the SQL Server & ENTSSO events from a separate SSO server and they also need to monitor the IIS from multiple BizTalk servers. To achieve this user can select SQL Server and ENTSSO in the event sources and the respective category in the event logs. User can also specify the Event ID's in specific.

2. Threshold Configuration

Let's assume that user wants to receive an alert if there are more than 10 errors (or) 10 warnings (or) 25 information events in the last 45 minutes. They can set the same values as in the threshold configurations. This helps users in knowing the required event log has occurred or not. This leads to a quick catch of issues raised in their environment that can be addressed promptly.

Click 'Save' to save the Event log alert information.

The above screenshots depicts that the BizTalk Server KOVLTP173 needs to be monitored for Application Event Log entries with event Id's 1008 and 30010. Alerts should be received in case, within a time frame of 45 minutes, more than 10 Errors or 10 Warnings or 25 Information events were received from Event Log Sources Application.

Overview of Mapped Event Logs

Once the BizTalk server event logs are mapped for monitoring, the health status of the event logs will be shown in dashboard in a graphical tree view.  If the threshold values configured for event logs mapped are violated, it will be listed in the errors and warnings along with the associated alarms. You can also navigate to the respective server's event logs on clicking them.

In order to receive email notifications from BizTalk360 on the threshold violation alerts, you need to configure the SMTP settings under BizTalk360 Settings. Follow the steps in this article to be able to configure the SMTP settings in BizTalk360. You will receive an email notification with the exact details of the status of the BizTalk server event logs.