In this case, the log with the specified event ID is not collected. You can also specify an event ID for negative filtering. In this case, the log with the specified event ID or the logs with the specified event IDs are collected. You can specify an event ID or a range of event IDs for positive filtering. You can configure this parameter to filter logs by event ID. This parameter is supported only in the Windows Vista operating system or later. Note This parameter is available only when Windows Event Log API is used. In this case, all historical event logs on your server are collected. If you set the value to 14400, logs that are generated 4 hours before the start time of collection are ignored.īy default, this parameter is left empty, which indicates that logs are not filtered by event time.If you set the value to 3600, logs that are generated 1 hour before the start time of collection are ignored.The event time indicates the time when a log is generated. If the event time of a log is earlier than the start time of collection minus the offset, the log is ignored. You can configure this parameter to filter logs by event time. You can view the full name of a channel in the Windows operating system. This value indicates that event logs are collected from the Application channel. The name of the channel from which you want to collect event logs.
0 Comments
Leave a Reply. |