What is it?
WinCELS, the "Centralized Event Log System", will, once released, give Wintel system administrators the
ability to easily search for and examine event log entries from many systems from a single point.
Why, when there are other products that address this?
The goal of the WinCELS project is to create an event log monitor app that:
A> Doesn't rely on agents on each and every system to be monitored. (Each agent adds another component that can fail.)
B> Uses a central repository for all events which is at least somewhat organized.
C> Will include at least a basic querying tool.
D> Doesn't cost "an arm and a leg". ("$30K for 70 servers?!" cripes...)
What are the components?
CELS will be made up of 3 parts:
An SQL database 'back-end' to store all data.
A 'Collector', to retrieve the Event log entries and deposit them into the database.
A query tool, to retrieve information from the database.
The database:
Thus far the Collector script snippets have been tested with both MS SQL 2000 and MySQL. The scripts worked fine
with both servers. Once released, CELS should work with any database to which an ODBC link can be created. Due to
the simple needs of the app, all of the data could actually be stored in a 'break all the rules' single-table format.
The Collector:
The Collector is simply a service that would be installed on any Wintel server. You would configure it for
the servers to monitor, and the collection interval. It would need to use an account that has access
to all of the monitored servers.
The Query Tool:
The Query Tool included as part of CELS would act as a simple means of retrieving all event log entries
which match user-defined parameters. Since all of the data would be stored in a very simple database, a user
adept at writing SQL queries would most likely be able to create an app that is better suited to
their own purposes.
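
An added sketch of the single-table store and the parameter-driven query described under "The database" and "The Query Tool" (this is not WinCELS code). It uses Python's built-in sqlite3 in place of an ODBC link to MS SQL or MySQL; the column names, filter names and sample rows are assumptions constructed for the example. It also makes repeated collection on an interval idempotent by keying each row on host, log and record number, and binds every user-supplied value instead of pasting it into the SQL text.

```python
import sqlite3

# Hypothetical single-table layout; column names are assumptions, not WinCELS's schema.
SCHEMA = """
CREATE TABLE events (
    host TEXT NOT NULL, log TEXT NOT NULL, record_number INTEGER NOT NULL,
    time_generated TEXT NOT NULL, event_id INTEGER NOT NULL,
    event_type TEXT NOT NULL, source TEXT, message TEXT,
    UNIQUE (host, log, record_number)
)"""

# Constructed sample rows standing in for entries pulled from two servers.
SAMPLE = [
    ("SRV01", "Security", 1001, "2004-03-01T08:00:05", 529, "Failure Audit", "Security", "Logon failure"),
    ("SRV01", "Security", 1002, "2004-03-01T08:00:09", 529, "Failure Audit", "Security", "Logon failure"),
    ("SRV02", "System", 77, "2004-03-01T08:01:00", 6008, "Error", "EventLog", "Unexpected shutdown"),
    ("SRV02", "Security", 310, "2004-03-01T09:15:00", 529, "Failure Audit", "Security", "Logon failure"),
]

def open_store():
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    return db

def store(db, rows):
    """Insert collected rows; entries re-read on a later interval are skipped."""
    before = db.total_changes
    db.executemany("INSERT OR IGNORE INTO events VALUES (?,?,?,?,?,?,?,?)", rows)
    db.commit()
    return db.total_changes - before

# Only these filters are accepted; each maps to a fixed clause with a bound value.
FILTERS = {"host": "host = ?", "log": "log = ?", "event_id": "event_id = ?",
           "event_type": "event_type = ?", "since": "time_generated >= ?",
           "until": "time_generated < ?"}

def search(db, **params):
    """Return rows matching user-defined parameters; values are always bound."""
    unknown = set(params) - set(FILTERS)
    if unknown:
        raise ValueError(f"unsupported filter: {sorted(unknown)}")
    where = " AND ".join(FILTERS[k] for k in params) or "1=1"
    sql = f"SELECT host, log, record_number, event_id FROM events WHERE {where} ORDER BY time_generated, host"
    return db.execute(sql, list(params.values())).fetchall()

if __name__ == "__main__":
    db = open_store()
    print(store(db, SAMPLE), "stored;", store(db, SAMPLE), "stored on re-collection")
    print(search(db, event_id=529, since="2004-03-01T08:00:00"))
```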