The Data Mining management pack, written by my friend Stelian Postea, is great management pack to help you investigate issues and to improve the general health of your servers. We all look at the evnt logs on our servers to investigate individual issues, however we very rarely take a look at the number, and type, of events being created to gain an overall status of health…. That’s where this MP will help!
How it works
Once per day, a rule will run that will collect information on the error and warning events in the Application, System and Operations Manager event logs. There is a rule targeted at the Management Server class that is enabled by default, and a rule targeted at Agents that is disabled. The rule targeted at the Agents class can be overidden for individual, or groups, of computers.
When the rule has run at least once, the report can be run, which looks like this. As you can see, my test environment needs some TLC!
What it doesn’t do
This pack isn’t intended to provide direct resolutions to issues, and it isn’t a tool to collect event log data. This management pack collects an overview of the error and warning logs, not the logs themselves, and uses this data to produce the reports.
For all the details from Stelian himself, visit https://stelianposteablog.wordpress.com/2015/11/25/data-mine-the-windows-event-log-by-using-scom/
And, to download the management pack, visit https://gallery.technet.microsoft.com/Windows-Event-Log-Data-cc1fe248
Happy event informationg gathering!