Previous Topic: EVENTTIME Statement—Specify the Date and Time of a Windows Event LogNext Topic: EXITCODE Statement—Identify Success or Failure by Exit Code

C-LANG StatementsEVENTTYPE Statement—Specify a Windows Event Type

EVENTTYPE Statement—Specify a Windows Event Type

The EVENTTYPE statement specifies the event type to monitor in the Windows event log.

Supported Job Type

This statement is optional for the Windows Event Log Monitoring job type.

Syntax

This statement has the following format:

EVENTTYPE ERROR|WARN|INFO|AUDITS|AUDITF
ERROR

Specifies the Error event type.

WARN

Specifies the Warning event type.

INFO

Specifies the Information event type.

AUDITS

Specifies the Success Audit event type.

AUDITF

Specifies the Failure Audit event type.

Example: Monitor an Application Event Log for Information Events

This example monitors the Application log for Information events:

AGENT WINAGENT
EVENTLOG Application
EVENTTYPE INFO
EVENTSOURCE Userenv
EVENTCOMPUTER LLUSER
EVENTCATEGORY None
EVENTID EQ 1000

Example: Monitor for a Successful Audit

In this example, the security log is monitored for a successful audit of a security access attempt. The event category is System Event, the term succeeded is excluded, but the words Audit and log are included in the event description.

AGENT WINAGENT
EVENTLOG Security CONTINUOUS(ELOG)
EVENTTYPE AUDITS
EVENTCATEGORY 'System Event'
EVENTDESCRIPTION '-succeeded +Audit log'