Hello
Is there a way to show the SourceName with the most errors loged?
I like to have a message table that shows me the SourceName and message for the SourceName producing the most error in the last 24h.
You can make table with counts of each error type listed next to sources and set 1 as number of values for your error field. It will filter top errors for each source.
Below is sample with top EventID errors for each source (sorry about short list - just two Windows hosts at home 
)
@Arvo
Yes I know I can use a count table, but there I can’t see the messages. If i have to make a count table and next to it a message table (have to chance by hand to keep it updated) I will use to much time (hosting 15 server now and more will follow) in the morning to see where I have to start solving problem.
What I like to do is creating a variable which I can use in the message table.
Just click on count number and “Show documents for value” for any listed source.
Thanks for your help. It’s not what I’m looking for but I don’t think that there is a way to do what I want to.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.