TeamViewer Monitoring's event log check is a must-have for endpoints running Windows OS, as it allows you to see exactly what is occurring on your endpoints.
This article applies to all TeamViewer Monitoring customers.
Understanding the Event Viewer is crucial for effectively using TeamViewer Monitoring's event log check, because the check interprets and acts on the same data that the Event Viewer displays.
The Event Viewer organizes logs into categories like Application, System, Security, and Setup, each serving a specific purpose. For example, the Application log records events related to software programs, such as crashes or operational issues, while the System log tracks operating system-level events like hardware failures or driver issues. The Security log, however, is essential for monitoring access attempts and ensuring compliance with security policies. We recommend the following links to learn more:
Digital Citizen: How to work with the Event Viewer in Windows
How-To Geek: What is Windows Event Viewer, and how can I use it?
TeamViewer Monitoring uses the Windows API to monitor the Event Viewer. A check is performed once a minute by comparing the Event Viewer logs with the designated event log check parameters.
When the parameters set in the policy are met, TeamViewer Monitoring reports them to the designated supporter, who can send an email or push notification.
As the event log check is a part of TeamViewer Monitoring, it is set up within the Monitoring policy assigned to the device. For more information on creating a Remote Management policy, please see the following article:
Create a Remote Management policy
The event log check provides the following parameters:
Select the type of log to monitor:
Select the type of event to monitor for:
Hint: If unsure of what type to select, select all types. Once the alerts begin to generate, limit the types based on what information is needed.
Enter the name of the event to be monitored.
Input the specific Event IDs to be monitored. Multiple IDs can be added to the field, separated by commas.
Note: If the Event IDs field is left blank, TeamViewer Monitoring will report all Event IDs that meet the other parameters. We recommend inputting specific Event IDs to monitor.
The event source is the name of the software that logs the event. Input all sources to be monitored. If left empty, TeamViewer Monitoring will include all sources.
Note: To ensure proper reporting, please verify the source entered is the same as what is listed for Source, located on the General tab of the Event.
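Before saving the parameters in a policy, it helps to preview on the endpoint what they would match. The following PowerShell sketch is an added example, not TeamViewer code: it mirrors the parameters above with the built-in Get-WinEvent cmdlet, and the log, IDs, source and levels shown are constructed sample values. It assumes the source is identical to the provider name Windows reports, which holds for the sample value used here.

```powershell
# Added example: preview which events a planned event log check would match.
# All parameter values below are constructed samples, not TeamViewer defaults.
$LogName  = 'System'                    # type of log to monitor
$EventIds = '7031, 7034'                # comma-separated, as typed into the Event IDs field; '' = all IDs
$Source   = 'Service Control Manager'   # as shown for Source on the event's General tab; '' = all sources
$Levels   = 1, 2, 3                     # 1 = Critical, 2 = Error, 3 = Warning, 4 = Information
$Since    = (Get-Date).AddHours(-24)    # look-back window for the preview

# Build the filter. A key that is left out matches everything, like a blank field.
$filter = @{ LogName = $LogName; StartTime = $Since }
if ($Levels) { $filter.Level = $Levels }

$ids = @($EventIds -split ',' |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ } |
    ForEach-Object { [int]$_ })
if ($ids.Count -gt 0) { $filter.Id = $ids }

if ($Source) {
    # Assumption: the source equals the provider name registered for this log.
    # A misspelled source would otherwise silently match nothing.
    $known = (Get-WinEvent -ListLog $LogName).ProviderNames
    if ($known -notcontains $Source) {
        Write-Warning "Source '$Source' is not registered for the $LogName log."
    }
    $filter.ProviderName = $Source
}

# Get-WinEvent raises an error when nothing matches; treat that as an empty result.
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

"{0} matching event(s) since {1}" -f $events.Count, $Since

# Show which ID / source / level combinations produce the volume.
$events |
    Group-Object Id, ProviderName, LevelDisplayName |
    Sort-Object Count -Descending |
    Select-Object Count, Name -First 20 |
    Format-Table -AutoSize
```

A large count with the Event IDs or source left blank shows how many alerts the check would have raised in the last day, and is a cue to narrow the parameters first.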