Other Resources

    Setting up Windows Event Log Reports


    EventLog Analyzer offers one thousand pre-built reports. The reports are displayed in the Reports tab of the UI. The reports can be scheduled as and when required.

    Carryout the following configurations in the Widows hosts to get the 1000 canned reports to get generated.

    Add the following the Widows Registry

    • Open regedit.msc
    • In that add, HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Service > eventlog
    • Create following New Keys:

     

    Reports New keys
    Program Inventory Reports Microsoft > Windows > Application > Experience/Program > Inventory
    Application Whitelisting Reports Microsoft > Windows > AppLocker/EXE and DLL 
    Microsoft > Windows > AppLocker/MSI and Script
    Windows Backup & Restore Reports Microsoft > Windows > Backup
    Windows Firewall Auditing Reports Microsoft > Windows > Windows Firewall With Advanced Security/Firewall
    USB Plugged in & out Microsoft > Windows > DriverFrameworks > UserMode/Operational
    Windows System Events Microsoft > Windows > GroupPolicy/Operational
    Microsoft > Windows > NetworkProfile/Operational
    Microsoft > Windows > WindowsUpdateClient/Operational
    Microsoft > Windows > Winlogon/Operational
    Microsoft > Windows > WLAN > AutoConfig/Operational
    Microsoft > Windows > TerminalServices > Gateway/Operational
    Microsoft > Windows > TerminalServices > RDPClient/Operational
    Microsoft > Windows > TerminalServices > RemoteConnectionManager/Operational
    Microsoft > Windows > Wired > AutoConfig/Operational

    Hyper-V Server Events

    Hyper-V VM Management Reports

    Microsoft > Windows > Hyper-V > Worker > Admin 
    Microsoft > Windows > Hyper-V > VMMS > Storage 
    Microsoft > Windows > Hyper-V > VMMS > Networking 
    Microsoft > Windows > Hyper-V > VMMS > Admin 
    Microsoft > Windows > Hyper-V > Hypervisor > Operational