Test fire any event on any server from any application


 

Golden Oldies - always popular (tools vs music)

 

Old Holman blog that's still relevant, even more powerful than EventLog Explorer

 

Basically anyone who wants to test fire events off a SCOM MP should use this tool.

Event Create, write-eventlog all have limitations (certain event sources that can be used to create events, or event ID number limitations)

 

 

First, download the 2007 R2 Admin ResKit here

MomTeam blog reference

 

Double click the downloaded MSI

 

I prefer to move extracted files under my SCOM tools/Management pack directory structure under MonAdmin (Monitoring Admin)

Copy extracted files to gold depot

 

 

 

Move to gold depot - SCOM \ tools \ <toolname here>

 

 

Go into the MPEventAnalyzer directory

Run the exe

 

MP Event Analyzer

Click on Investigate Event Sources Tab (bottom middle)

Don't forget you can use the search bar (where I typed apm)

 

For my example, double click on APM Agent

 

 

Search Events on right hand pane

 

Check checkbox to select the 1319 APM event for configuration error (right hand pane)

Click the 'Add selected events to execution list'

Once event verified in bottom box, click the green box to fire selected event(s)

 

 

 

Verify event in Event Viewer

 

 

Validate Management Pack

Stay tuned... this did not complete the validation process.

Comments (4)
  1. thomas1112 says:

    hi guys 🙂

    has anyone tried with “security-auditing” log? when i choose it from the list i get a prompt “cannot retrieve event information for provider microsoft-windows-security-auditing. reason: acces is denied” ? any ideas?

    1. kjustin1996 says:

      Hello Thomas,
      Are you running MP Analyzer, or EventLog Explorer?
      Are you running this as administrator?

      If MP Analyzer, what pack are you loading?
      I don’t see Microsoft-Windows-Security-Auditing on a 2016 server with EventLog Explorer, can you explain further?

      1. Anonymous says:
        (The content was deleted per user request)
      2. thomas1112 says:

        im using MP Event Analyzer, im choosing “investigate event sources” then from the list trying to open “Security-Auditing”

        (im running the app as admin)

Comments are closed.

Skip to main content