
    Enabling Hyper-V logging

    To monitor Hyper-V logs, add the Windows server from which the Hyper-V logs are to be collected.

    For EventLog Analyzer to collect Hyper-V logs, follow the steps below on the respective Windows device:

    1. Open Event Viewer.
    2. Go to Applications and Services Logs > Microsoft > Windows.
    3. Right click on the following and select 'Enable Log':
      • Hyper-V-Config
      • Hyper-V-High-Availability
      • Hyper-V-Hypervisor
      • Hyper-V-Integration
      • Hyper-V-SynthFC
      • Hyper-V-SynthNic
      • Hyper-V-SynthStor
      • Hyper-V-VID
      • Hyper-V-VMMS

    This enables Hyper-V logging; the logs can then be viewed in Event Viewer.

    To perform searches and generate reports from these logs, carry out the following registry configuration on the respective Windows machine:

    1. Open the registry editor by running 'regedit' in a command-line window.
    2. Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog
    3. Right click on 'eventlog' and create new keys with the following names:
      • Microsoft-Windows-Hyper-V-Config
      • Microsoft-Windows-Hyper-V-High-Availability
      • Microsoft-Windows-Hyper-V-Hypervisor
      • Microsoft-Windows-Hyper-V-Integration
      • Microsoft-Windows-Hyper-V-SynthFC
      • Microsoft-Windows-Hyper-V-SynthNic
      • Microsoft-Windows-Hyper-V-SynthStor
      • Microsoft-Windows-Hyper-V-VID
      • Microsoft-Windows-Hyper-V-VMMS
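
    The two procedures above can be checked, and optionally applied, from an elevated PowerShell prompt. The script below is an added example, not ManageEngine code. It assumes that the Event Viewer entries map to channels whose names start with "Microsoft-Windows-" plus the listed name, and it touches only Administrative and Operational channels. The -Apply switch is a name chosen for this example.

```powershell
#Requires -RunAsAdministrator
# Added example, not ManageEngine code.
# Reports the current state by default; pass -Apply to change settings.
param([switch]$Apply)

# Log names taken from the two lists on this page.
$names = 'Hyper-V-Config', 'Hyper-V-High-Availability', 'Hyper-V-Hypervisor',
         'Hyper-V-Integration', 'Hyper-V-SynthFC', 'Hyper-V-SynthNic',
         'Hyper-V-SynthStor', 'Hyper-V-VID', 'Hyper-V-VMMS'
$root = 'HKLM:\SYSTEM\CurrentControlSet\Services\EventLog'

foreach ($n in $names) {
    $full = "Microsoft-Windows-$n"

    # Assumption: channels are discovered by prefix instead of hard-coding
    # their names, and only Administrative/Operational channels are considered.
    $channels = Get-WinEvent -ListLog "$full*" -ErrorAction SilentlyContinue |
        Where-Object { $_.LogType -in 'Administrative', 'Operational' }
    if (-not $channels) {
        Write-Warning "$full : no matching channel found on this host"
    }

    foreach ($c in $channels) {
        if (-not $c.IsEnabled -and $Apply) {
            $c.IsEnabled = $true      # same effect as 'Enable Log' in Event Viewer
            $c.SaveChanges()
        }
        [pscustomobject]@{ Item = $c.LogName; Type = 'Channel'; Ok = $c.IsEnabled }
    }

    # Registry key that the second procedure creates under 'eventlog'.
    $key = Join-Path $root $full
    if (-not (Test-Path $key) -and $Apply) {
        New-Item -Path $key | Out-Null
    }
    [pscustomobject]@{ Item = $full; Type = 'RegistryKey'; Ok = (Test-Path $key) }
}
```

    Any row with Ok set to False marks a channel or registry key that the steps above have not yet been applied to.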

    Note: EventLog Analyzer supports log collection from any device that has remote logging capability, over UDP or TCP. In EventLog Analyzer, the default UDP ports are 513 and 514, and the default TCP port is 514.

    • TCP based log collection offers reliability.
    • UDP based log collection is not reliable, but reduces load on your network when compared to TCP.

    Depending on the requirements of your environment, you can choose the appropriate protocol for log collection.
