Event Log (PD_ELOG)
Function
The Event Log (PD_ELOG) record stores event log data recording the following information about applications, systems, and security at given points in time:
This is a multi-instance record.
Default values and values that can be specified
Item | Default value | Modifiable |
---|---|---|
Collection Interval | 60 | Yes |
Collection Offset# | 0 | Yes |
Log | No | Yes |
LOGIF | Blank | Yes |
ODBC key fields
Lifetime
None
Record size
Fields
PFM - View name (PFM - Manager name) | Description | Smry | Format | Delta | Not sprtd on | Data source |
---|---|---|---|---|---|---|
Computer Name (COMPUTER_NAME) | Name of the computer that generated the event. | -- | string (36) | No | -- | -- |
Description (DESCRIPTION) | Event log explanation. | -- | string (512) | No | -- | -- |
Event Category (EVENT_CATEGORY) | Sub-category unique to the event source. | -- | string (36) | No | -- | -- |
Event ID (EVENT_ID) | Event ID. | -- | ulong | No | -- | -- |
Event Type ID (EVENT_TYPE_ID) | Event type identifier. One of the following values is used for this field. When the OS is Windows Server 2003 or earlier: 1: Error; 2: Warning; 4: Information; 8: Success Audit; 16: Failure Audit. When the OS is Windows Server 2008 or Windows Server 2012: 0: Success Audit; 0: Failure Audit; 1: Critical; 2: Error; 3: Warning; 4: Information; 5: Verbose. | -- | ulong | No | -- | -- |
Event Type Name (EVENT_TYPE_NAME) | Event type. One of the following values is used for this field. When the OS is Windows Server 2003 or earlier: Error, Warning, Information, Success Audit, Failure Audit. When the OS is Windows Server 2008 or Windows Server 2012: Error, Warning, Information, Success Audit, Failure Audit, Critical, Verbose. | -- | string (26) | No | -- | -- |
Log Name (LOG_NAME) | Event log type. The value of this field is one of the following: Application, Security, System. | -- | string (26) | No | -- | -- |
Record Time (RECORD_TIME) | Time at which the record was created. | -- | time_t | No | -- | -- |
Record Type (INPUT_RECORD_TYPE) | Record name. Always ELOG. | -- | char (8) | No | -- | -- |
Source Name (SOURCE_NAME) | Name of the source (application, service, driver, or subsystem) that generated the entry. | -- | string (256) | No | -- | -- |
Time Generated (TIME_GENERATED) | Time at which the event entry was submitted. | -- | time_t | No | -- | -- |
User Name (USER_NAME) | User name that was active when the event was recorded. | -- | string (36) | No | -- | -- |
User Sid (USER_SID) | Type of user security ID that was active when the event was recorded. One of the following values is used for this field: 1: User; 2: Group; 3: Domain; 4: Alias; 5: Known group; 6: Deleted account; 7: Invalid; 8: Unknown type; 9: Computer; 0: No information. | -- | ulong | No | -- | -- |
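
An added example (not part of the original manual or the product's own code): a Python normalizer for PD_ELOG rows that resolves EVENT_TYPE_ID by OS generation and falls back to EVENT_TYPE_NAME to separate Success Audit from Failure Audit, since both share ID 0 on Windows Server 2008 and 2012. It assumes rows arrive as dictionaries of strings keyed by the Manager names in the table; the `legacy_os` flag, the function names and the sample rows are constructed for illustration.

```python
# Added example: normalise PD_ELOG rows. Rows are assumed to be dicts of strings
# keyed by the Manager names in the field table (for instance from a text export).
LEGACY = {1: "Error", 2: "Warning", 4: "Information",
          8: "Success Audit", 16: "Failure Audit"}      # Windows Server 2003 or earlier
MODERN = {1: "Critical", 2: "Error", 3: "Warning",
          4: "Information", 5: "Verbose"}               # Windows Server 2008 / 2012
AUDIT_NAMES = {"Success Audit", "Failure Audit"}
SID_TYPES = {0: "No information", 1: "User", 2: "Group", 3: "Domain", 4: "Alias",
             5: "Known group", 6: "Deleted account", 7: "Invalid",
             8: "Unknown type", 9: "Computer"}

def event_type(row, legacy_os):
    """Resolve the event type; legacy_os=True means Windows Server 2003 or earlier."""
    type_id = int(row["EVENT_TYPE_ID"])
    name = row.get("EVENT_TYPE_NAME", "").strip()
    if legacy_os:
        return LEGACY.get(type_id, name or "Unknown")
    if type_id == 0:
        # On 2008/2012 both audit outcomes share ID 0; only the name separates them.
        return name if name in AUDIT_NAMES else "Audit (outcome unknown)"
    return MODERN.get(type_id, name or "Unknown")

def normalize(row, legacy_os):
    sid = int(row.get("USER_SID", "0"))
    return {"host": row["COMPUTER_NAME"], "log": row["LOG_NAME"],
            "event_id": int(row["EVENT_ID"]), "type": event_type(row, legacy_os),
            "user": row.get("USER_NAME", ""),
            "sid_type": SID_TYPES.get(sid, f"Unmapped ({sid})")}

def failure_audits(rows, legacy_os):
    """Return normalised Security-log rows whose resolved type is Failure Audit."""
    events = [normalize(r, legacy_os) for r in rows]
    return [e for e in events if e["log"] == "Security" and e["type"] == "Failure Audit"]

# Constructed sample rows, not real agent output.
SAMPLE = [
    {"COMPUTER_NAME": "HOST-A", "LOG_NAME": "Security", "EVENT_ID": "4625",
     "EVENT_TYPE_ID": "0", "EVENT_TYPE_NAME": "Failure Audit",
     "USER_NAME": "alice", "USER_SID": "1"},
    {"COMPUTER_NAME": "HOST-A", "LOG_NAME": "Security", "EVENT_ID": "4624",
     "EVENT_TYPE_ID": "0", "EVENT_TYPE_NAME": "Success Audit",
     "USER_NAME": "alice", "USER_SID": "1"},
    {"COMPUTER_NAME": "HOST-A", "LOG_NAME": "System", "EVENT_ID": "7001",
     "EVENT_TYPE_ID": "2", "EVENT_TYPE_NAME": "Error",
     "USER_NAME": "", "USER_SID": "0"},
]

if __name__ == "__main__":
    for event in failure_audits(SAMPLE, legacy_os=False):
        print(event)
```

The same numeric ID maps to different severities across OS generations (2 is Warning on Windows Server 2003 or earlier and Error on 2008/2012), so alert rules keyed on EVENT_TYPE_ID alone need the OS generation of the monitored host.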