Windows event logs: A dashboard for IT admins
Recently I created a new application with Qlik Sense for being able to monitor your local workstation or laptop. This app gives insight into your windows event logs. This dashboard application also gives IT administrators a tool and some inspiration on what the possibilities are and how those can be achieved using Qlik Sense.
This solution has a few screens which cover:
- Total events
- Events per Logtype
- Events over time
- Events per source name
- Alerts per source name
- Events and error % per eventCode ID + Tabular details
- ErrorFlow for LogType -> Source Name -> EventType + Tabular details
- Tabular details for:
- Date of occurence
- EventCode ID
- Tabular details for:
So this is basically the structure of the app or the Table of Contents, if you will. In the following you will find the resources for installation and usage.
- Download Qlik Sense Desktop in the Qlik website.
- Download the
installer for the Qlik Sense Log monitor.app in the QlikShow App Store now.
- For instructions and how to you could download the documentation for this solution.
For installation and usage you can also read the following:
This document is a short introduction to get up and running with this windows event log monitor in Qlik Sense. This solution is built for demo purposes. To be able to install and use this solution demo, you need to be an administrator of your workstation.
Installing the solution
To get up and running you need to install the following packages in the right order:
1. First install “Qlik_Sense_Desktop_setup.exe”
2. Secondly install “QlikSense_LogMonitorSetup.exe” (The software will install to c:\TEMP\, this is necessary for the solution to work. Please do not adjust this entry.)
Open Qlik Sense to use your Log Monitor
1. Open Qlik Sense
2. In the Qlik Sense hub click on the app “Qlik Sense Log Monitor”
This will now open the app in the ‘App Overview’.
This is what the app overview looks like
Next: We want to open the “Data load editor” to load the data from our windows event logs.
Opening the data load editor
1. Click on the ‘compass’ icon in the top left of the app overview.
2. Then choose “Data load editor”.
Next: We actually are going to activate to conversion process to generate a CSV file from our Windows event logs. This process will be taken care of by the solution after we hit ‘Reload data’ in the ‘Data load editor’.
Activating our process for converting and loading the log data
In the ‘Data load editor’ we only have to click on ‘Load data’. When we do this the process will start.
The loading process in progress
These popups and windows will appear when you start the process for converting and loading the data. This might take a minute or two depending on the data volume that is in your windows event logs.
Back to the app overview
1. Go back to the app overview
Using the Log Monitor after loading the data
When the process for loading data is finished the windows and popups will disappear.
We now do the following steps:
1. Go to the sheet called “Dashboard”
2. The dashboard will open like on the example image
3. Check in the listbox with ‘Computer’, if it holds your computername
Note: Navigating between sheets will bring you to different levels of insight regarding your local PC.
If you have feedback, ideas and/or questions let me know. Stay tuned for next posts…