| The following Events are generated for Event source = EventTracker™ |
| Event ID |
Event Description |
| 2001 |
The EventTracker™ Manager service was started. |
| 2002 |
EventTracker™ Agent on %1 is running and okay. |
| 2003 |
Accepted EventTracker™ Viewer connection from %1. |
| 2004 |
The EventTracker™ Viewer from %1 was disconnected. |
| 2005 |
The EventTracker™ Manager Console was started. |
| 2006 |
EventTracker™ Agent on %1 was not running. Restarted successfully. |
| 2007 |
EventTracker™ Agent on %1 is not running. Failed to restart. |
| 2008 |
Detected system %1 is not reachable. No reply received on ping poll. |
| 2009 |
Detected system %1 is reachable. Reply received on ping poll. |
| 2010 |
Number of events in the database exceeded %1. Please purge the database or you may see slow performance of EventTracker™ software. |
| 2011 |
System %1 may be generating high number of events. Please filter unnecessary events emitted from this system. |
| 2012 |
Scheduled Report: %1 was generated and emailed successfully. |
| 2013 |
Scheduled Report: %1 was not generated. Please cross-check configuration. |
| 2014 |
Archival of old events done successfully. Status %1. |
| 2015 |
Archival of old events failed. Status %1. |
| 2029 |
Notification: Report file deletion. Following file 'report file' created on 'date' will be deleted on 'date' so, please take back up of the file if required. 'Full path of report file' |
| 3201 |
Detected free space in drive <drive:> is less than N percent. Disk Size: X MB, Free: Y MB |
| 3202 |
Detected Service <Service Name> is not running. |
| 3203 |
Detected Service <Service Name> was restarted successfully. |
| 3204 |
Detected Service <Service Name> could not be restarted. |
| 3206 |
Detected High Memory Usage. More than N percent in use for last X seconds. Peak Memory: Q percent. Total Physical: Y MB, Total Paging: Z MB, Avail Physical: B MB, Avail Paging: C MB. |
| 3207 |
Detected High Cpu Usage. More than N percent in use for last X seconds. |
| 3208 |
Detected software <Some S/W> has been installed on this system. |
| 3209 |
Detected software <Some S/W> has been uninstalled from this system. |
| 3210 |
<Some Log> Event Log is near to its maximum log size. Take administrative actions. Maximum Log Size : X Kilobytes, Current Log Size : Y Kilobytes. |
| 3211 |
<Some Log> Event Log has already reached its maximum log size. New events cannot be logged. Take administrative actions. Maximum Log Size : X Kilobytes. |
| 3212 |
<Some Log> Event Log has reached its maximum size. EventTracker™ has backed up to <Backup File> and reset the event log. |
| 3213 |
Detected disk usage for drive X: is back to below configured threshold limit. Disk Size: Y MB, Free: Z MB |
| 3214 |
Detected Service <Service Name> is now running. |
| 3215 |
Detected Memory usage is back to below configured threshold limit. Peak Memory: N percent. Total Physical: W MB, Total Paging: X MB, Avail Physical: Y MB, Avail Paging: Z MB. |
| 3216 |
Detected Cpu usage is back to below configured threshold limit. Current cpu usage is N percent. |
| 3217 |
Process <Process Name> has crossed the memory usage limit of N megabytes. Actual Use: M Megabytes |
| 3218 |
Process <Process Name> has crossed the CPU usage limit of X%. Actual Use: Y% |
| 3219 |
The memory usage by process <Process Name> is now normal and below the usage limit of X megabytes. Actual Use: Y Megabytes |
| 3220 |
The CPU usage by process <Process Name> is now normal and below the usage limit of X%. Actual Use: Y% |
| 3221 |
App Open: Exe: <Exe Name> Name: <App Name> Description: <App Description> Version: <App Version> Vendor: <App Vendor> PID: <Process ID> |
| 3222 |
App Close: Exe: <Exe Name> Name: <App Name> PID: <Process ID> |
| 3223 |
TCP connection ESTABLISHED
Type: TCP
Status: New
Local Address: <Local Addr>
Local Port: <Local Port>
Remote Address: <Remote Address>
Remote Port: <Remote Port>
Connection State: <State>
Process Name: <Process Name> |
| 3224 |
TCP connection MODIFIED
Type: TCP
Status: Changed
Local Address: <Local Address>
Local Port: <Local Port>
Remote Address: <Remote Address>
Remote Port: <Remote Port>
New Connection States: <State>
Old Connection States: <State>
Process Name: <Process Name> |
| 3225 |
TCP connection DISCONNECTED
Type: TCP
Status: Deleted
Local Address: <Local Address>
Local Port: <Local Port>
Remote Address: <Remote Address>
Remote Port: <Remote Port>
Connection active time: %<N> secs
Last know Connection State: <State>
Process Name: <Process Name> |
| 3226 |
UDP connection ESTABLISHED
Type: UDP
Status: New
Local Address: <Local Address>
Local Port: <Local Port>
Process Name: <Process Name> |
| 3227 |
UDP connection DISCONNECTED
Type: UDP
Status: Deleted
Local Address: <Local Address>
Local Port: <Local Port>
Connection active time: %<N> secs
Process Name: <Process Name> |
