Phone Lines icon GFI Support

Articles in this section

See more

Verifying That GFI EventsManager Can Retrieve W3C Logs

Author: Luis Fernandes Updated

Overview

This article provides a step-by-step process on verifying that GFI EventsManager can retrieve W3C logs.

Process

Perform the following steps to verify that GFI EventsManager can access and collect W3C logs:

  1. Take note of the IP address of the machine where the log files are located (e.g. 192.168.0.21) and the path where the W3C logs are located (e.g. <C:\WINDOWS\system32\Logfiles\W3SVC1>.
  2. Log on to the computer where GFI EventsManager is running.
  3. Choose Start > Run.
  4. Type \\<IP address of the machine>\<path to the log file, using admin shares>. Using the example, you should use: \\192.168.0.21\C$\WINDOWS\system32\Logfiles\W3SVC1.
  5. Ensure that you can open the W3C log files using a text editor such as Notepad.

The verification process described above simulates the W3C event retrieval operation normally performed by GFI EventsManager. Hence, if you managed to successfully open and access the W3C log file, then GFI EventsManager will be able to effectively retrieve events from the machine.

Note:

If you failed to successfully open and access the W3C log file, verify that:

  • The W3C log file is located in a path which is shared. This can be either an administrative share or a normal share. For example, all the W3C logs can be found in a share called LogFiles. In GFI EventsManager, we need to specify LogFiles\*.*. In this case, GFI EventsManager will connect to \\192.168.0.21\LogFiles and retrieve all the files from this location.
  • The account under which GFI EventsManager is running has access/read privileges over the share where the W3C log file is located. To verify access privileges, navigate to the share using Windows Explorer, right-click on the share and select Sharing and Security > Permissions.
  • The target W3C log files are not locked/opened exclusively by another application such as Microsoft Internet Information Services (IIS). This would block GFI EventsManager from accessing and collecting events from the source log. To avoid this, configure your applications to create new log files more frequently. For example, a new IIS W3C log file can be created once every hour. This will allow GFI EventsManager to be up-to-date until the last hour.