Analyzing logs is a key capability of SolarWinds Observability Self-Hosted (formerly Hybrid Cloud Observability) and is available in the Essentials edition. Log Analyzer (LA) is also available in a standalone module.

Monitor Windows security events

LA provides a pre-configured whitelist that includes all monitored Windows security events. This whitelist allows the most common security events and restricts unnecessary data that can clutter and overwhelm your log feed.

To add or remove events, go to Global Advanced Configuration and edit the query.

Modifying the default configuration may exceed LA’s scalability limit and is not recommended. Please contact Customer Support for assistance.

Search SolarWinds Support

Monitor Windows security events