Scanning with an Eventlog Only scanning target

Your Lansweeper installation includes two Eventlog Only scanning targets. These are agentless, scheduled scanning targets that scan the event log entries of Windows domain or workgroup computers specified by you, as frequently as once a minute. Specifically, events found in the Windows Logs of a client machine's Event Viewer are scanned. Eventlog Only scanning is supported for Windows XP and any more recent Windows operating system and only retrieves event log information; it does not scan any other computer data.

Eventlog Only scans allow you to scan computer containers, OUs and individual (domain or workgroup) computers and specify a separate scanning schedule for each scanning target. To submit a container, OU or individual computer for Eventlog Only scanning, hit the Add Scanning Target button in the following section of the web console and choose one of the Eventlog Only scanning types in the resulting popup: Scanning\Scanning Targets. The first scanning type allows you to submit one specific Windows domain or workgroup computer for Eventlog Only scanning, the second scanning type allows you to submit all computers in a specific OU. If you have multiple scanning servers, there will be multiple configuration tabs on the Scanning Targets page, one for each server.

Scanning Targets menu
Eventlog Only scanning targets
 As agentless scanning of Windows computers requires credentials, make sure to submit and map your Windows scanning credentials as well, by following the instructions in this knowledge base article.
All Windows scanning targets, not just the Eventlog Only ones, scan event log information. Eventlog Only scans simply allow you to scan events more frequently, so you can monitor important servers or workstations more closely. You can review events as they happen and optionally configure real-time email alerts.
To keep your database as small as possible, only error events are scanned by default. Additional event types (warning, information, success audit or failure audit) can be manually enabled for scanning, if required.

Eventlog Only settings

Below is an overview of available Eventlog Only scanning options and settings. Each scanning target can be configured differently.

Eventlog Only scanning target settings
  • Target or Adsi Path: depending on which scanning type you chose, NetBIOS name of the individual Windows computer or the computer container or organizational unit whose event log information you want to scan.
    When you submit a CN/OU for Eventlog Only scanning, Lansweeper scans the event log entries of the computers in the CN/OU you've submitted and any sub-OUs contained within.
  • Domain/Workgroup (Netbios): NetBIOS name of the domain or name of the workgroup your computer CN/OU or individual computer belongs to.
  • Description: custom description you can assign to the scanning target.
  • Recurring every: determines how often (every X number of minutes or hours) the scanning target will be scanned.
  • Enable: check/uncheck this box to enable/disable scanning of the scanning target.

Related Articles