Verify a monitored remote service#
When to use this procedure#
Use for FTP, HTTP, IMAP, NNTP, Ping, POP3, SMTP, and related probes.
Applies to#
This procedure applies to WinSyslog.
Prerequisites#
Use an account that can read the product configuration and Windows diagnostic state.
Replace angle-bracket placeholders with values from the affected system.
Safety#
Run diagnostic checks before changing configuration.
Remove passwords, private keys, license data, and other secrets from evidence.
Configuration path#
Configuration Client > the service, rule, or action named on the Event ID page.
Procedure#
Record target, address family, port, TLS/authentication mode, timeout, and expected response.
Expected result: The affected object and its effective settings are identified.
If it fails: Return to the complete Event Log detail and configuration export before changing settings.
Run the native Windows checks below from the affected product host.
Resolve-DnsName -Name '<HOST>' Test-NetConnection -ComputerName '<HOST>' -Port <PORT> -InformationLevel Detailed
Expected result: The endpoint is reachable and the smallest safe protocol request returns the expected response within timeout.
If it fails: Correct DNS, route, listener, TLS, credentials, path, expected response, or measured timeout.
Perform one uniquely identifiable product test through the same service, rule, or action.
Expected result: The intended destination records the test exactly once.
If it fails: Collect the first new product event and bounded debug output; do not change unrelated settings.
Verify the result#
Repeat the affected operation, confirm its positive output, and verify that queues, collection positions, or remote delivery continue normally.
Evidence to collect#
The complete Event Log entry and neighboring product events with timestamps.
The command output, relevant configuration export, and bounded debug log from the same interval.