Application Event Log - OS Test

This test reports the statistical information about the application events generated by the target Dizzion Frame Virtual Desktop.

Target of the test : A Dizzion Frame virtual desktop on the cloud

Agent deploying the test : A remote agent

Outputs of the test : One set of results for each POLICY FILTER configured on a Dizzion Frame virtual desktop on the cloud that is currently launched.

Configurable parameters for the test
Parameters Description

Test Period

How often should the test be executed.

Host

The nick name of the Dizzion Frame Desktops component for which this test is to be configured.

Port

Refers to the port at which the specified host listens to. By default, this is NULL.

Inside View Using

To obtain the 'inside view' of performance of the cloud-hosted Dizzion Frame desktops - i.e., to measure the internal performance of the Dizzion Frame virtual desktops - this test uses a light-weight eG VM Agent software deployed on each of the desktops. Accordingly, this parameter is by default set to eG VM Agent (Frame).

DD For Information

eG Enterprise also provides you with options to restrict the amount of storage required for event log tests. Towards this end, the DD For Information and DD For Warning flags have been made available in this page. By default, both these flags are set to Yes, indicating that by default, the test generates detailed diagnostic measures for information events and warning events. If you do not want the test to generate and store detailed measures for information events, set the DD For Information flag to No.

DD for Verbose

To ensure that the test does not generate and store detailed measures for verbose events, set the DD For Verbose flag to No.

DD For Warning

To ensure that the test does not generate and store detailed measures for warning events, set the DD For Warning flag to No.

Report By User

This flag is set to Yes by default. The value of this flag cannot be changed. This implies that the virtual machines in VDI environments will always be identified using the login name of the user. In other words, in VDI environments, this test will, by default, report measures for every username_on_virtualmachinename.

Report Powered OS

This flag is relevant only for those tests that are mapped to the Inside View of Desktops layer. If this flag is set to Yes (which is the default setting), then the 'inside view' tests will report measures for even those Dizzion Frame virtual desktops that do not have any users logged in currently. Such desktops will be identified by their name and not by the username_on_virtualdesktopname. On the other hand, if this flag is set to No, then this test will not report measures for those Dizzion Frame virtual desktops to which no users are logged in currently.  

Is Cloud VMs

Since this test runs for 'Dizzion Frame Desktops' component which is a cloud-hosted desktop group, this flag is set to Yes by default.

DD Frequency

Refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD Frequency

Detailed Diagnosis

To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option.

The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:

  • The eG manager license should allow the detailed diagnosis capability

  • Both the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0.

Measurements made by the test

Measurement

Description

Measurement Unit

Interpretation

Application errors

This refers to the number of application error events that were generated.

Number

A very low value (zero) indicates that the system is in a healthy state and all applications are running smoothly without any potential problems.

An increasing trend or high value indicates the existence of problems like loss of functionality or data in one or more applications.

Please check the Application Logs in the Event Log Viewer for more details.

Application information count

This refers to the number of application information events generated when the test was last executed.

Number

A change in the value of this measure may indicate infrequent but successful operations performed by one or more applications.

Please check the Application Logs in the Event Log Viewer for more details.

Application warnings

This refers to the number of warnings that were generated when the test was last executed.

Number

A high value of this measure indicates application problems that may not have an immediate impact, but may cause future problems in one or more applications.

Please check the Application Logs in the Event Log Viewer for more details.

Application critical errors

Indicates the number of critical events that were generated when the test was last executed.

Number

A critical event is one that an application or a component cannot automatically recover from.

A very low value (zero) indicates that the system is in a healthy state and all applications are running smoothly without any potential problems.

An increasing trend or high value indicates the existence of fatal/irrepairable problems in one or more applications.

The detailed diagnosis of this measure describes all the critical application  events that were generated during the last measurement period.

Please check the Application Logs in the Event Log Viewer for more details.

Application verbose

Indicates the number of verbose events that were generated when the test was last executed.

Number

Verbose logging provides more details in the log entry, which will enable you to troubleshoot issues better.

The detailed diagnosis of this measure describes all the verbose events that were generated during the last measurement period.

Please check the Application Logs in the Event Log Viewer for more details.

The filter policy for the Application Event Log- OS test and System Event Log - OS test typically comprises of a specific set of event sources, event IDs, and event descriptions to be monitored. This specification is expressed by the eG Enterprise system in the following format:

{Policyname}:{event_sources_to_be_included}:{event_sources_to_be_excluded}:{event_IDs_to_be_included}:{event_IDs_to_be_excluded}:{event_descriptions_to_be_included}:{event_descriptions_to_be_excluded}

On the other hand, the filter policy for the Security Log test comprises of a specific set of event sources, event ids, and users to be monitored. This specification is expressed by the eG Enterprise system in the following format:

{Policyname}:{event_sources_to_be_included}:{event_sources_to_be_excluded}:{event_IDs_to_be_included}:{event_IDs_to_be_excluded}:{users_to_be_included}:{users_to_be_excluded}

To add a new policy, do the following:

  1. Click on the encircled '+' button present alongside the Filter list in the test configuration page of the Application Event Log test, System Event Log test, or Security Log test (see Figure 1).

    Figure 1 : Figure 3. 29: Clicking on the '+' button alongside the Filter list

  2. Figure 2 will then appear listing the policies that pre-exist.

    Figure 2 : List of policies

  3. To view the contents of a policy, click on the View button against the policy name. While a policy can be modified by clicking on the Modify button, it can be deleted using the Delete button. The default policy is all, which can only be viewed and not modified or deleted. The specification contained within this policy is: all:none:all:none:all:none.

  4. To create a new policy, click on the Add New Policy button in Figure 2. Doing so invokes Figure 3, using which a new policy can be created.

    Figure 3 : Adding a new filter policy

  5. In Figure 3, first, provide a unique name against POLICY NAME.

  6. To include one/more event sources for monitoring, select Included from the EVENT SOURCES drop-down list, and then specify a comma-separated list of event sources in the text box below.

  7. To exclude specific event sources from monitoring, select Excluded from the EVENT SOURCES drop-down list, and then specify a comma-separated list of event sources to be excluded in the text box below.

    Note:

    At any given point in time, you can choose to either Include or Exclude event sources, but you cannot do both. If you have chosen to include event sources, then the eG Enterprise system automatically assumes that no event sources need be excluded. Accordingly, the {event_sources_to_be_excluded} section of the filter format mentioned above, will assume the value none. Similarly, if you have chosen to exclude specific event sources from monitoring, then the {event_sources_to_be_included} section of the format above will automatically take the value all, indicating that all event sources except the ones explicitly excluded, will be included for monitoring.

  8. In the same way, select Included from the EVENT IDS list and then, provide a comma-separated list of event IDs to be monitored.

  9. If you, on the other hand, want to exclude specific event IDs from monitoring, then first select Excluded from the EVENT IDS list box, and then provide a comma-separated list of event IDs to be excluded.

    Note:

    At any given point in time, you can choose to either Include or Exclude event IDs, but you cannot do both. If you have chosen to include event IDs, then the eG Enterprise system automatically assumes that no event IDs need be excluded. Accordingly, the {event_IDs_to_be_excluded} section of the filter format mentioned above, will assume the value none. Similarly, if you have chosen to exclude specific event IDs from monitoring, then the {event_IDs_to_be_included} section of the format above will automatically take the value all, indicating that all event IDs except the ones explicitly excluded, will be included for monitoring.

  10. Likewise, select Included from the EVENT DESCRIPTIONS list and then, provide a comma-separated list of event descriptions to be monitored.

  11. For excluding specific event descriptions from monitoring, first select Excluded from the EVENT DESCRIPTIONS list box, and then provide a comma-separated list of event descriptions to be excluded.

    Note:

    Instead of the complete event descriptions, wild card-embedded event description patterns can be provided as a comma-separated list in the Included or Excluded text boxes. For instance, to include all events that start with st and vi, your Included specification should be: st*,vi*. Similarly, to exclude all events with descriptions ending with ed and le, your Excluded specification should be: *ed,*le.  

  12. In case of the Security Log test however, you will not be required to include/exclude event descriptions. Instead, an event users field will appear, using which you need to configure users who need to be included/excluded from monitoring.

    Note:

    At any given point in time, you can choose to either Include or Exclude event descriptions/users, but you cannot do both. If you have chosen to include event descriptions/users, then the eG Enterprise system automatically assumes that no event descriptions/users need be excluded. Accordingly, the {event_descriptions_to_be_excluded} section or the {users_to_be_excluded}  section (as the case may be) of the filter formats mentioned above, will assume the value none. Similarly, if you have chosen to exclude specific event descriptions/users from monitoring, then the {event_descriptions_to_be_included} section or the {users_to_be_included} section (as the case may be) of the formats above will automatically take the value all. This indicates that all event descriptions/users except the ones explicitly excluded, will be included for monitoring.

  13. Finally, click the Update button.