Monitoring Approach for FSLogix

shockoMS 276 Reputation points

We have started a POC of using FSlogic O365 container and profile container. One thing I am struggling with is the monitoring approach. It seems the product uses a mix of Windows event logging and file logging (with some ETL file also). To develop a monitoring and alerting approach though I would need to know whats logged and to where. Is this documented anywhere? We recently had an issue where some users O365 container VHDX could not be loaded. This was not picked up and so our business were not happy.  I could tail the logs file using Splunk or the like but I need a reference for what's logged to build a parser or a list of Windows EventIDs to monitor for in the Windows Event Log.

A set of solutions that enhance, enable, and simplify non-persistent Windows computing environments and may also be used to create more portable computing sessions when using physical devices.
470 questions
0 comments No comments
{count} vote

1 answer

Sort by: Most helpful
  1. Sky 101 Reputation points

    We are having the similar issues.

    We will either configure an event forwarding policy to a central log repository, or create task using task scheduler to trigger some action in case any error message logged on Event log under Applications and Services Logs -> Microsoft -> Fslogix -> Apps -> Operational.

    We are going to enable prevent logon failure registry settings as well.

    0 comments No comments