Following up from our previous article on setting up data collector sets, we’re going to look into using a data collector set to generate a Windows Event Viewer log alert.
First, we’re going to boot Microsoft Windows Server 2012 R2 and wait until the main control dashboard loads. From here, we’ll select the Performance Monitor tool from the Tools dropdown box.
From the Performance Monitor application, we’ll create a User Defined Data Collector Set by right-clicking on User Defined and selecting New > Data Collector Set.
This opens the New Data Collector Set menu. Type in the name of your alert and select Advanced configuration. It’s worth pointing out that the Event Viewer will show the parameter rather than the data collector name when you look at it later.
We’re going to create a Performance Counter Alert here. Click Next. From here, you’ll get the option to add performance counters. Click Add.
This will launch a performance counter list. You can select what you want to configure an alert for. In this case, I’ve decided to configure an alert for C: drive disk space. You could also set alerts for high RAM usage, CPU process usage, or critical networking statistics.
From this screen, we set our performance limits. I’ve decided to set my alert for 10 GB of remaining disk space.
If your account does not have the permissions required to collect that data, the final screen allows you to change the credentials used to run the alert. Since I’m logged in as the administrator, I’ll leave this alone. Click Finish, but do not start the alert process yet.
Next, we’re going to configure our log entry service. Right-click on the user defined process and go to the Alert Action tab. You can also set polling periodicity in the Alert tab.
Finally we’re going to start the alert process.
Once you have everything up and running, press the Windows key and start Event Viewer. Scroll down from Event Viewer > Applications and Services Logs > Microsoft > Windows > Diagnosis-PLA > Operational to see your events as they come in. You should expect to see alerts come in stating that a performance counter has tripped the alert threshold with the current value and the min/max value.
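The same alert can be scripted rather than clicked through, which makes it repeatable across servers. The following is an added example, not part of the original article: the collector name, counter path, sample interval and wait time are assumptions, and it needs an elevated PowerShell prompt.

```powershell
# Added example. All values in this block are assumptions chosen to mirror
# the walkthrough above (C: drive, alert below 10 GB of free space).
$Name     = 'LowDiskC'                         # hypothetical data collector set name
$Counter  = '\LogicalDisk(C:)\Free Megabytes'  # assumed counter for free space on C:
$LimitMB  = 10240                              # 10 GB expressed in megabytes
$Interval = '00:00:30'                         # assumed sample interval (hh:mm:ss)
$LogName  = 'Microsoft-Windows-Diagnosis-PLA/Operational'

# Create the alert collector.
#   -th : threshold expression, here "counter < limit"
#   -el : write an entry to the event log when the threshold is crossed
#   -si : how often the counter is sampled
logman create alert $Name -th "${Counter}<${LimitMB}" -el -si $Interval
if ($LASTEXITCODE -ne 0) {
    throw "logman create alert failed with exit code $LASTEXITCODE"
}

# Note the start time so only events produced by this run are read back.
$started = Get-Date

logman start $Name
if ($LASTEXITCODE -ne 0) {
    throw "logman start failed with exit code $LASTEXITCODE"
}

# Wait long enough for at least one sample to be taken.
Start-Sleep -Seconds 60

# Read back what the collector wrote to the Diagnosis-PLA operational log.
$events = Get-WinEvent -FilterHashtable @{ LogName = $LogName; StartTime = $started } `
                       -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Warning "No events in $LogName since $started. Check that the collector is running with: logman query $Name"
} else {
    $events |
        Sort-Object TimeCreated |
        Select-Object TimeCreated, Id, LevelDisplayName, Message |
        Format-List
}
```

If free space on C: is above the limit, the output will contain only the collector's start events; the threshold entries appear once the counter drops below the limit.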