I have been trialing the use of Windows Event Log subscription emails as per my post here. Lately @ CSODBB these have proven very useful in early detection of issues such as unexpected 3rd party Identity Broker connector outages, or unexpected AD activity (scripted updates of AD accounts causing unexpected sync load). I mentioned this to Shane Day and he suggested I put in a feature request, so here it is.
I envisage an extension to Event Broker in several independent/complementary ways:
- New change detection feature for Windows Event logs (potentially subscriber-push notifications) - these would complement the existing file changes detection for monitoring FIM and related logging;
- Enhanced file logging to allow the specification of filtering in the log file in a similar way to what is possible with Event Logs - idea is that you may want to subscribe to only certain entry types in a file log (note that for Identity Broker this would be achievable already by specifying a Windows event logger instead, but other services that write file logs may not have this option);
- an SMTP email operation (yes you can do this in PowerShell now, but with some thought you could use a wizard automate the creation of a PowerShell plugin with use of Cmdlets to provide basic parameter-driven email notifications);
- enhanced log reading capabilities to improve searches;
- enhanced log presentation capabilities (UI) to map occurrences of specified event filters over time for a range of log files - including Event Broker's own log files)
All of the above require more thought, but I'm really thinking of how to create something to improve the quality of our own UNIFY health checks, initially by providing an enhanced, more responsive service, but secondly improving the product's own capabilities to attract the market that was once there for NetPro's (now Quest's possibly defunct) Mission Control for ILM.
Customer support service by UserEcho