Event viewer not updating
Filter conditions can be defined on the following event log fields: In addition, the administrators can also monitor the event logs by entering the event id of a particular event or by providing an error string to look for in the event log descriptions field.
If I can't trust the logs how can I rely on the device for security?
This is where you define the amount of found event log entries that match the created criteria for each type (Error, Warning and Information) and the timespan to be analysed during each run of the monitoring service.
If you want to ignore a certain type of event log entry from monitoring, you can specify a really large number for the threshold, this is a common approach used when excluding information alerts from monitoring.
I have a windows service listening to messages from a queue but the messages are not read from the queue.
I created an event log to check for logs during service startup and shutdown but the logs are not written.The event logs are normally used to inform about an important event in the running applications and subsystems such as errors, warnings or information.