A customer recently asked me to monitor printer logs. His use case was to check which users were doing the printing, and what they were printing on the company’s printers, including their page numbers.
The printers in question had SNMP available, but didn’t provide this particular information. In addition, the printers didn’t have an API available to be queried.
We then decided to check the logs on Windows machines with printers connected to the Windows Spooler. These logs are not enabled by default, but you can easily enable them by doing the following:
1. Log on to the server as administrator (you must have administrator privileges to enable system logs)
2. Open the Event Viewer on the server:
   - Press Windows + R to open the Run window
   - Type eventvwr.msc and press Enter
3. Navigate to the event log:
   - In the Event Viewer, expand Windows Logs in the left pane
   - Click on Application and Services
   - Expand Microsoft > Windows > PrintService
   - Click on Operational
4. Enable logging:
   - If the log is not active, you will need to enable it
   - Right-click Operational and select Enable log
Once this has been done, you can verify that events are being created:
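The same enable-and-verify step can be scripted, which helps when several print servers are involved. The following PowerShell is an added example, not part of the original article; it assumes an elevated session on the print server and reads event ID 307 (the document-printed event), whose Param1 to Param8 fields hold the job ID, document name, user, client, printer, port, size in bytes and page count:

```powershell
# Added example, not from the original article.
# Run in an elevated PowerShell session on the print server.
$logName = 'Microsoft-Windows-PrintService/Operational'

# Enable the channel if it is still disabled
# (same effect as "Enable log" in Event Viewer).
$log = Get-WinEvent -ListLog $logName
if (-not $log.IsEnabled) {
    wevtutil.exe set-log $logName /enabled:true
}

# Read the most recent "document printed" events (ID 307) and
# project the UserData parameters into named fields.
$jobs = Get-WinEvent -FilterHashtable @{ LogName = $logName; Id = 307 } `
            -MaxEvents 200 -ErrorAction SilentlyContinue |
    ForEach-Object {
        $p = ([xml]$_.ToXml()).Event.UserData.DocumentPrinted
        [pscustomobject]@{
            Time     = $_.TimeCreated
            JobId    = [int]$p.Param1
            Document = $p.Param2
            User     = $p.Param3
            Client   = $p.Param4
            Printer  = $p.Param5
            Port     = $p.Param6
            Bytes    = [long]$p.Param7
            Pages    = [int]$p.Param8
        }
    }

if (-not $jobs) {
    Write-Warning 'No event 307 found yet: print a test page and run this again.'
    return
}

# Latest jobs first: who printed what, where, and how many pages.
$jobs | Sort-Object Time -Descending | Select-Object -First 10 | Format-Table -AutoSize

# Total jobs and pages per user, the same figures a dashboard would show.
$jobs | Group-Object User | ForEach-Object {
    [pscustomobject]@{
        User  = $_.Name
        Jobs  = $_.Count
        Pages = ($_.Group | Measure-Object Pages -Sum).Sum
    }
} | Sort-Object Pages -Descending | Format-Table -AutoSize
```

Document names show up as a generic "Print Document" unless the "Allow job name in event logs" Group Policy setting is enabled on the server.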
Now we have the logs on the Windows servers and we just have to collect them on NetEye. For this we have agents that can be installed and configured easily.
To do this we first need to create a policy so that we can collect these logs. The policy to use is Custom Windows Event Logs and has to be configured like this:
The event collected is event ID 307, which highlights all the parameters we need. At this point we can proceed to add hooks for the hosts:
After doing this and verifying that the data is coming in, you can proceed to build a dashboard that allows you to collect this information graphically. Here’s an example dashboard:
If you’d like to implement this solution, please contact me and I can help you customize it for your needs. You know I’m always very, very happy to make new dashboards.
Otherwise, have fun making the dashboard yourself 😊.
The next step is to create an alert in case special conditions occur based on the parameters we’re collecting and decide how to alert the administrator, or else see it directly in NetEye using webhooks and Tornado.
Hi, I’m Franco and I was born in Monza. For 20 years I worked for IBM in various roles. I started as a customer service representative (help desk operator), then I was promoted to Windows expert. In 2004 I changed again and was promoted to consultant, business analyst, then Java developer, and finally technical support and system integrator for Enterprise Content Management (FileNet). Several years ago I became fascinated by the Open Source world, the GNU/Linux operating system, and security in general. So for 4 years during my free time I studied security systems and computer networks in order to extend my knowledge. I came across several open source technologies including the Elastic stack (formerly ELK), and started to explore them and other similar ones like Grafana, Graylog, Snort, Grok, etc. I like to script in Python, too. Then I started to work at Würth Phoenix as a consultant. Two years ago I moved with my family to Berlin to work for a fintech startup (Nuri), but the startup went bankrupt due to insolvency. No problem, Berlin offered many other opportunities and I started working for Helios IT Service as an infrastructure monitoring expert with Icinga and Elastic, but after another year I preferred to return to Italy for various reasons that we can go into in person 🙂 In my free time I continue to dedicate myself to my family (especially my daughter) and I like walking, reading, dancing and making pizza for friends and relatives.
Author
Franco Federico